Vulnerability Research

Vulnerability Research
Introduction

This section will provide a concise overview of what a vulnerability is
(e.g. Leaving your living room window open) and what the
corresponding exploit may be (e.g. someone finding it easy to climb in
if you’re on the ground floor, but slightly more difficult if you’re on the
6th floor of a tower block). Once a vulnerability has been identified, it
is necessary for a would-be hacker to find the program code or
application that will exploit it. Many sites and avenues now exist for
obtaining the required exploitation resources to make a hack come to
fruition.
Vulnerability Research
Looking for vulnerabilities and exploiting them tends to be the longest
and most laborious part of an ethical hack. However, you are more
likely to have success in gaining elevated access to a system by
exploiting a vulnerability in an application or service, than by any other
method.
Publicly known vulnerabilities are announced in two main ways:
• Fix Advisories
• Full disclosure Advisories