🔍 From Port Scans to Fuzzing: My Vulnerability Testing Journey

During my Master of Science in Cybersecurity at National University (2022–2023), I built hands-on labs to explore vulnerability scanning, dynamic analysis, and secure code testing.

I began with port scans, learning how tools like Nmap detect open or closed ports. But real threats go deeper. That’s where vulnerability scanners like Nessus come in. Nessus scans for known weaknesses and ranks them as Critical, High, or Medium. Examples of such findings include CVE-2020-8617 (a DNS denial-of-service flaw) and an OpenSSH random number generator issue.

To demonstrate this, I set up a live intrusion detection lab, now published at this link. I intentionally misconfigured /bin/su to trigger a Perm023a vulnerability. Using the Tiger tool, I identified the issue and resolved it with chmod u-s /bin/su, which removes the setuid bit.

Beyond scanners, I tested static code analyzers to catch buffer overflows and SQL injection. I then turned to dynamic analysis, using fuzzing to stress-test input handling. I used the CERT Basic Fuzzing Framework (BFF) as a reference for feeding random input to a program and analyzing the resulting crashes, errors, or unexpected behavior.
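As an added illustration (not code from the post, and not the CERT BFF itself), this Python sketch shows the mutate-and-triage loop that fuzzing frameworks automate: a constructed, deliberately fragile record parser is fed mutated copies of a valid seed, and every crash is bucketed by exception type and message so that duplicates collapse into one finding with its shortest reproducer.

```python
import random

# Constructed target (not from the post): a tag-length-value parser with a bounds bug.
def parse_records(data: bytes) -> list:
    records, i = [], 0
    while i < len(data):
        tag = data[i]
        length = data[i + 1]              # bug: never checks that a length byte exists
        payload = data[i + 2:i + 2 + length]
        if len(payload) != length:
            raise ValueError("truncated payload")
        records.append((tag, payload))
        i += 2 + length
    return records

def mutate(seed: bytes, rng: random.Random) -> bytes:
    """Apply 1-4 random byte-level mutations (BFF-style) to a seed input."""
    buf = bytearray(seed)
    for _ in range(rng.randint(1, 4)):
        op = rng.choice(("flip", "insert", "delete", "truncate"))
        if op == "insert" or not buf:     # an empty buffer can only grow
            buf.insert(rng.randint(0, len(buf)), rng.randrange(256))
        elif op == "flip":
            buf[rng.randrange(len(buf))] ^= 1 << rng.randrange(8)
        elif op == "delete":
            del buf[rng.randrange(len(buf))]
        else:
            del buf[rng.randrange(len(buf)):]
    return bytes(buf)

def fuzz(target, seed: bytes, iterations: int, rng_seed: int = 0) -> dict:
    """Feed mutated inputs to target; return {crash bucket: shortest reproducing input}."""
    rng = random.Random(rng_seed)
    crashes = {}
    for _ in range(iterations):
        case = mutate(seed, rng)
        try:
            target(case)
        except Exception as exc:          # any uncaught exception is a finding
            bucket = f"{type(exc).__name__}: {exc}"
            if bucket not in crashes or len(case) < len(crashes[bucket]):
                crashes[bucket] = case
    return crashes

# Constructed seed: two well-formed records, (tag 1, b"ABC") and (tag 2, b"Z").
SEED = bytes([1, 3, 0x41, 0x42, 0x43, 2, 1, 0x5A])

if __name__ == "__main__":
    for bucket, case in fuzz(parse_records, SEED, 500).items():
        print(f"{bucket:32} shortest repro: {case.hex()}")
```

Each bucket's stored input can be replayed against the parser to confirm the crash before filing it as a finding.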

Final tip: always test new software in a sandbox, such as a VMware virtual machine, before installing it in production. This minimizes risk from embedded malware or insecure packages.

For anyone pursuing a career in ethical hacking, penetration testing, or cybersecurity compliance, mastering vulnerability scanning tools is essential.

🛡️ Cybersecurity starts with awareness. And with tools like Nessus, Tiger, and fuzzing frameworks, you can stay one step ahead of attackers.
