Vulnerabilities are the tricks-of-the-trade for hackers, giving an intruder the ability to heighten one’s access by exploiting a flawed piece of logic inside the code of a computer. Like the hackers that seek them out, vulnerabilities are usually quite mysterious and hard to prove they even exist. They are confusing or undocumented source code, usually performing a series of tasks which don’t make a considerable amount of sense to the uninformed. In unfamiliar environments or using unfamiliar techniques many vulnerabilities may exists.
Getting acquainted with vulnerabilities and how they are exploited, the methods of exploitation seems random and chaotic – each and every one with seemingly unpredictable results. It has been theorized that this comes from the fact that bugs are mistakes, and does not follow the course of intelligent reason. However, vulnerabilities can be categorized in ways that make more sense to the person investigating the problems at hand.
Both categorization and the exploitation logic, stemming from a centralized “gray area” approach is explained here. Also, how one could take any form of vulnerability at any level and use it to control computer systems, the users, and administrators.
Following general vulnerabilities definition and nature, investigators can mirror the tracks of a hacker’s logic as they intrude upon a computer network and understand the reasoning that goes on behind the attack.
Ethical Hackers and Network Security Administrator’s conducts vulnerability assessment for finding out the general forms of vulnerabilities and for hardcore inspection they perform black box penetration tests.