In this chapter, we discussed the process of identifying and analyzing the critical security vulnerabilities based on a selection of tools used in Kali Linux. We also mentioned three main classes of vulnerabilities—design, implementation, and operational—and discussed how they could fall into two generic types of vulnerabilities: local and remote. Afterwards, we discussed several vulnerability taxonomies that could be followed by the security auditor to categorize the security flaws according to their unifying commonality patterns. In order to carry out a vulnerability assessment, we presented you with a number of tools that allow for automated scans and vulnerability assessments, including Nessus, OpenVAS, Lynis, and SPARTA.

In the next chapter, we will discuss the art of deception and explain various ways to exploit human vulnerabilities in order to acquire the target. Although this process is sometimes optional, it is considered vital when there is a lack of information available to allow us to exploit the target infrastructure.