Show in Graph
Common Information
Type Value
Value 
Vulnerability Scanning - T1595.002
Category Attack-Pattern
Type Mitre-Attack-Pattern
Misp Type Cluster
Description Adversaries may scan victims for vulnerabilities that can be used during targeting. Vulnerability scans typically check if the configuration of a target host/application (ex: software and version) potentially aligns with the target of a specific exploit the adversary may seek to use. These scans may also include more broad attempts to [Gather Victim Host Information](https://attack.mitre.org/techniques/T1592) that can be used to identify more commonly known, exploitable vulnerabilities. Vulnerability scans typically harvest running software and version numbers via server banners, listening ports, or other network artifacts.(Citation: OWASP Vuln Scanning) Information from these scans may reveal opportunities for other forms of reconnaissance (ex: [Search Open Websites/Domains](https://attack.mitre.org/techniques/T1593) or [Search Open Technical Databases](https://attack.mitre.org/techniques/T1596)), establishing operational resources (ex: [Develop Capabilities](https://attack.mitre.org/techniques/T1587) or [Obtain Capabilities](https://attack.mitre.org/techniques/T1588)), and/or initial access (ex: [Exploit Public-Facing Application](https://attack.mitre.org/techniques/T1190)).
Details Published Attributes CTI Title
Details Website 2024-11-14 4 Vulnerability Analysis on Metasploitable 2 Using Nessus Essentials
Details Website 2024-11-14 5 ICS Vulnerabilities Report: Key Security Issues & Mitigation Tips
Details Website 2024-11-13 0 What is ASPM: All You Need To Know About Robust Cyber-Security Inside APIs
Details Website 2024-11-13 0 Securing a Clear Vision: How Houston Eye Associates Focuses on Cybersecurity
Details Website 2024-11-13 0 Which Certificate is Best for Cybersecurity?
Details Website 2024-11-13 2 Which course is right for cyber security? A guide to choose the right path for your career
Details Website 2024-11-13 2 CISA's secure software deployment push: Key takeaways for AppSec teams
Details Website 2024-11-13 1 Solid Security Pro Review
Details Website 2024-11-13 0 Top 5 Essential Cybersecurity Tools in 2025 to Protect Your Business
Details Website 2024-11-13 0 Artificial Intelligence automates Penetration Testing
Details Website 2024-11-13 1 Solid Security Pro Overall Effectiveness Review
Details Website 2024-11-13 1 Sealing Entry Points and Weak Links in the Environment - How Dell is Building an Iron Wall of Defense
Details Website 2024-11-13 2 CISA's secure software deployment push: Key takeaways for AppSec teams
Details Website 2024-11-12 0 How Red and Purple Teaming Reduce Cyber Risk Across the Cybersecurity Compass
Details Website 2024-11-12 0 The Most Powerful Android Penetration Testing Tool: A Deep Dive into Drozer
Details Website 2024-11-12 1 Solid Security Pro Review
Details Website 2024-11-12 8 An In-Depth Guide to the Penetration Testing Framework
Details Website 2024-11-12 1 Solid Security Pro User Experience review
Details Website 2024-11-12 8 Mastering Reconnaissance Part 2: Advanced Scanning, Content Discovery, and Automation for Bug…
Details Website 2024-11-12 6 Multiple Vulnerabilities in Citrix Products Could Allow for Remote Code Execution
Details Website 2024-11-12 19 Multiple Vulnerabilities in Ivanti Endpoint Manager Could Allow for Remote Code Execution
Details Website 2024-11-12 49 Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
Details Website 2024-11-11 1 Solid Security Pro Two-Factor Authentication Review
Details Website 2024-11-11 1 D-Link to Not Fix Critical Bug Found in End-of-Life NAS Devices
Details Website 2024-11-11 1 Solid Security Pro Review