Paper details
Using Nessus and Nexpose, run new scans using Web Application Policies. Also, check out some of the other
Web scanners that are available on Kali Linux. At a minimum, this should include the Zed Attack Proxy (ZAP)
and Burp. Several others are available as well, including SPIKE Proxy and Ratproxy. All of them have their
upsides and downsides.
When you are done, write up a report that includes up to three web findings. Record all your information in
Chapter 3, Web Application Analysis Risk section. (Look at pages 45-49 and use that report as an
example/reference if needed, and PLEASE AT LEAST HAVE THIS PORTION DONE BY 9PM JUNE 22ND or
NOON JUNE 23RD.)
Please take all the sections you have written since week two and clean them up based on any feedback you
received. Add in one more web vulnerability you worked with as another finding. Provide overall
recommendations for the organization about getting themselves in a place with a better security posture.
Provide as much detail with each recommendation you make as possible. Record that information in Chapter
3, Web Application Analysis Risk section.
You will be graded on structure, readability, analysis of the subject matter, and completeness of the analysis
and recommendation. You will NOT need a bibliography for this report.