An important module in system testing is vulnerability research and verification. As its name implies, this module deals with vulnerability assessment of hosts or network. Information about system vulnerabilities can be gathered from different internet forums, information resource centers and newsgroups. Vulnerability testing can be performed by using both automated approach and manual approach. The automated approach helps in identifying loop holes and system patch level. The manual approach identifies the data flow from network as a black box. Automated approach consists of using different tools for scanning and hacking. First all vulnerabilities are gathered based on information about system and applications. Then vulnerabilities in both application and system are gathered using the automated tests. Then applications and system type is determined by using information gathered from automated tests. Then results are matched from both outputs and false positive, false negatives and positives are identified.