vulnerability-assessment

Original：🇨🇳 Chinese

Translated

Professional Skills and Methodologies for Vulnerability Assessment

1installs

Sourceed1s0nz/cyberstrikeai

Added on2026-02-07

NPX Install

npx skill4agent add ed1s0nz/cyberstrikeai vulnerability-assessment

SKILL.md Content (Chinese)

View Translation Comparison →

Vulnerability Assessment

Overview

Vulnerability assessment is a critical process for identifying and evaluating system vulnerabilities. This skill provides methods, tools, and best practices for vulnerability assessment.

Assessment Process

1. Scope Definition

Define Scope:

Target Systems
Network Scope
Application Scope
Testing Depth

2. Information Gathering

Gather Information:

System Information
Network Topology
Service Information
Application Information

3. Vulnerability Scanning

Scanning Types:

Network Scanning
Host Scanning
Application Scanning
Configuration Scanning

4. Vulnerability Validation

Validation Methods:

Manual Validation
Tool-based Validation
Proof of Concept
Impact Assessment

5. Risk Assessment

Assessment Factors:

Vulnerability Severity
Exploitation Difficulty
Scope of Impact
Business Impact

Scanning Tools

Network Scanning

Using Nessus:

bash

# 启动Nessus
# 创建扫描任务
# 配置扫描策略
# 执行扫描
# 分析结果

Using OpenVAS:

bash

# 启动OpenVAS
gvm-setup

# 创建扫描任务
# 执行扫描
# 分析结果

Using Nmap:

bash

# 漏洞扫描
nmap --script vuln target

# 特定漏洞
nmap --script smb-vuln-ms17-010 target

Application Scanning

Using Burp Suite:

bash

# 配置代理
# 浏览应用
# 被动扫描
# 主动扫描
# 分析结果

Using OWASP ZAP:

bash

# 启动ZAP
zap.sh

# 快速扫描
zap-cli quick-scan http://target.com

# 完整扫描
zap-cli full-scan http://target.com

Using Acunetix:

bash

# 启动Acunetix
# 创建扫描任务
# 配置扫描选项
# 执行扫描
# 分析结果

Code Scanning

Using SonarQube:

bash

# 运行扫描
sonar-scanner

# 分析结果
# 查看报告

Using Checkmarx:

bash

# 使用Web界面
# 上传代码
# 执行扫描
# 分析结果

Vulnerability Classification

By Severity

Critical:

Remote Code Execution (RCE)
SQL Injection
Authentication Bypass
Sensitive Data Exposure

High:

Privilege Escalation
Information Disclosure
Business Logic Vulnerabilities
Misconfiguration

Medium:

Cross-Site Scripting (XSS) Vulnerabilities
Cross-Site Request Forgery (CSRF) Vulnerabilities
Weak Passwords
Insecure Configuration

Low:

Information Disclosure
Configuration Recommendations
Best Practices
Information Gathering

By Type

Injection Vulnerabilities:

SQL Injection
Command Injection
LDAP Injection
XPath Injection

Authentication Vulnerabilities:

Weak Passwords
Session Fixation
Authentication Bypass
Password Reset Vulnerabilities

Authorization Vulnerabilities:

Privilege Escalation
IDOR (Insecure Direct Object Reference)
Horizontal Privilege Escalation
Vertical Privilege Escalation

Misconfiguration:

Default Configuration
Misconfiguration
Insecure Storage
Sensitive Data Exposure

Risk Assessment

CVSS Scoring

Base Metrics:

Attack Vector (AV)
Attack Complexity (AC)
Privileges Required (PR)
User Interaction (UI)

Impact Metrics:

Confidentiality Impact (C)
Integrity Impact (I)
Availability Impact (A)

Calculating CVSS:

bash

# 使用CVSS计算器
# 输入指标
# 计算分数
# 确定等级

Business Impact

Assessment Factors:

Data Sensitivity
System Criticality
Business Impact
Compliance Requirements

Risk Matrix:

           Low Impact  Medium Impact  High Impact
High Likelihood  Medium    High       Critical
Medium Likelihood  Low      Medium     High
Low Likelihood  Low       Low        Medium

Report Writing

Report Structure

Executive Summary:

Assessment Overview
Key Findings
Risk Ratings
Recommended Actions

Detailed Findings:

Vulnerability Description
Impact Analysis
Exploitation Steps
Remediation Recommendations

Appendices:

Scanning Configuration
Tool Versions
Reference Links
Glossary

Report Template

markdown

# Vulnerability Assessment Report

## Executive Summary
- Assessment Date: 2024-01-01
- Assessment Scope: xxx
- Vulnerabilities Found: xx
- Critical Vulnerabilities: x

## Vulnerability List

### VULN-001: SQL Injection
- Severity: Critical
- CVSS Score: 9.8
- Description: ...
- Impact: ...
- Remediation Recommendation: ...

## Summary
...

Best Practices

1. Pre-Scan

Obtain Authorization
Define Scope
Prepare Tools
Notify Relevant Personnel

2. During Scan

Systematic Scanning
Document Actions
Validate Vulnerabilities
Assess Impact

3. Post-Scan

Analyze Results
Write Report
Provide Recommendations
Track Remediation

Notes

Obtain Explicit Authorization
Avoid Impacting Systems
Protect Scanning Data
Report Critical Vulnerabilities Promptly

vulnerability-assessment

NPX Install

Tags

SKILL.md Content (Chinese)

Vulnerability Assessment

Overview

Assessment Process

1. Scope Definition

2. Information Gathering

3. Vulnerability Scanning

4. Vulnerability Validation

5. Risk Assessment

Scanning Tools

Network Scanning

Application Scanning

Code Scanning

Vulnerability Classification

By Severity

By Type

Risk Assessment

CVSS Scoring

Business Impact

Report Writing

Report Structure

Report Template

Best Practices

1. Pre-Scan

2. During Scan

3. Post-Scan

Notes