Problem
A. Utilize flaw methodology and provide a hypothesis based on system vulnerable to XST attack
B. Using Nikto, OWASP Zaap and Nessus, conduct vulnerability analysis and mapping
C. Describe how you would apply Nikto, OWASP Zaap and Nessus tools and techniques for identifying vulnerabilities
D. Apply techniques to trace a vulnerability to its root cause
E. Utilizing your knowledge for the vulnerability found such as SQL injection, Absence of Anti-CSRF Tokens, Server Leaks Version Information. What attack vector would you hypothesize using and why?
F. Analyze the legal, ethical, and industry standards associated with vulnerability disclosure. What is your recommendation for when a vulnerability should be disclosed to the public? Why?
G. Using your vulnerability scans as a base, select a vulnerability like SQL injection and provide a hypothesis as to how the vulnerability came into being. Research the vulnerability and briefly provide a summary of the root cause.