The first phase of the Ethical Hacker Methodology is Reconnaissance.

Reconnaissance is all about collecting information about your target. Generally speaking, reconnaissance usually involves no interaction with the target(s) or system(s).

Reconnaissance is a pretty simple concept: think about what tools we can use on the internet to gather information about people. What websites and technology come to mind to gather information about a target organization, technology, or set of individuals?

In this case, let’s use the company: SpaceX. Stop here and take 2 minutes to do some research on SpaceX and note down any websites you used to conduct research.

Where is the place that you started your research about SpaceX? Most likely, you started at one of the most useful tools in a Hacker’s possession:

Google is an incredibly useful tool, and there is an entire room (Google Dorking Room) to use it effectively to conduct research.

You might have also used websites such as Wikipedia to understand the history of SpaceX, used the company’s Twitter/YouTube to see their latest news releases or “sizzle-reels”, or even its LinkedIn profile to research open company positions and/or the company’s organizational structure.

The cool thing is, these very simple tools are all valid reconnaissance tools. You might think hackers use special tools to conduct research (and in some cases that is true), but overall they use simple tools like these to conduct research.

Even though it may seem simple, reconnaissance is the single most important phase of a penetration test.

Reconnaissance usually involves using publicly available tools like Google to conduct research about your target.

There are some specialized tools that we can utilize but for this introduction, it is good to know the following tools.

Answer the questions below to continue reading.

Task 3 – Enumeration and Scanning Overview

The second phase of the Hacker Methodology is Scanning and Enumeration.

This is where a hacker will start interacting with (scanning and enumerating) the target to attempt to find vulnerabilities related to the target.

This is where more specialized tools start to come into the arsenal. Tools like nmap, dirb, metasploit, exploit-db, Burp Suite and others are very useful to help us try to find vulnerabilities in a target.

(Don’t worry about them now; you can get into the nitty-gritty later.)