Scanning and Enumeration
INFORMATION GATHERING
- Scanning
- Process of looking at some number of "things" to determine characteristics
- Commonly used in pen testing to uncover target vulnerabilities
- Many types of scan targets
- Networks
- Network devices
- Computers
- Applications/services
Enumeration
- Counting the detected instances of some target class
- Pen testing target classes
- Hosts
- Networks
- Domains
- Users
- Groups
- Network shares
- Web pages
- Applications
- Services
- Tokens
- Social networking sites
QUICK REVIEW
- Scanning helps to determine what is "out there"
- Don't just scan for computers - look for all devices and services
- Start collecting and classifying target information
- Use more than just utilities that scan networks
Demo
Target 1: Metasploitable VM
Target 2: DVWA VM
Attacker: Kali Linux VM
Scan Method 1 - nmap
nmap -sP 10.0.0.0/24
Scan Method 2 - ARP
arp-scan 10.0.0.0/24
Scan Method 3 - Whois Lookup http://whois.domaintools.com/
QUICK REVIEW
- nmap is the most common tool you'll see
- Know how to use nmap and what the main options do
- Be able to explain nmap output
相信未来 - 该面对的绝不逃避,该执著的永不怨悔,该舍弃的不再留念,该珍惜的好好把握。
本文章为转载内容,我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题,欢迎原作者联系我们进行内容更正或删除文章。
