Vulnerability assessment identifies flaws in computers and networks but does not differentiate exploitable flaws from non-exploitable ones, providing companies with a comprehensive view of weaknesses. Penetration testing tests systems to exploit vulnerabilities either automatically or manually, determining security weaknesses to test an organization's security policies. Types of penetration testing include white box within a network, black box externally without network knowledge, and gray box externally with some internal knowledge.

1. INTRO TO NETWORK VAPT
BY – APURV SINGH GAUTAM

2. Vulnerability Assessment
• Process in which computers and networks are scanned in order to identify
the presence of vulnerabilities associated with them.
• They do not differentiate the flaws that can be exploited and those that
cannot
• It provides enterprises with a more comprehensive application evaluation
• It alerts companies about the weaknesses in their systems

3. Penetration Testing
• It is the practice of testing a computer, network or web application to
exploit vulnerabilities.
• It may be performed automatically or manually
• Main objective is to determine security weaknesses
• It is also used to test organization's security policy

4. Types of Penetration Testing
• White Box Testing – Performing test from within the network
• Black Box Testing – Performing test from an external network
• Gray Box Testing – Performing test from an external network with the
knowledge of internal network

5. Areas of Penetration Testing
• Network Pentesting
• Web Application Pentesting
• Android/iOS Pentesting

6. Process of Network VAPT
• Information Gathering & Scanning
• Vulnerability Detection
• Gaining Network Access
• Privilege Escalation
• Making a report