Reproduce and Study Proof of Concept (PoC) with Nessus nasl

Nessus is an open-source network vulnerability scanner

Most of my friends ask me, how Nessus can show the service is vulnerable if there no public PoC or exploit about it(eg: ms16–047). So, I write this article might help your understanding regard to vulnerability that you are interested.

As example below, I choose Etag Header Information Disclosure as example.As you can see, Nessus can extract Inode number and File…

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store