Enumeration is part of Reconnaissance phase done after the scanning. During Enumeration phase, attacker creates active session with the live target host and gathers more detailed data than that was obtained during Scanning Phase. Please note that Enumeration is different from scanning. In scanning phase, the information like IP address, Ports, OS and vulnerabilities from…
Category: Ethical Hacking
Vulnerability
A vulnerability is a weakness in a system, network or software/application that can be exploited to cause impact like bringing service down, data exfiltration or un-authorized access. The vulnerability can be due to the following reasons:
Metasploit
Metasploit owned by Rapid7 is an open-source exploit platform that is used for exploiting vulnerabilities and perform penetration testing on the target system. Metasploit Architecture Metasploit is a huge framework written in Ruby with number of components and modules. MSFconsole is the main CLI console through which we can access Metasploit and perform activities like…
Cyber Kill Chain
The Cyber Kill Chain framework developed by Lockheed Martin explains attacker’s progressive steps when attacking a target which can be used to identify and prevent cyber threat. The Cyber Kill Chain has seven stages as following: Reconnaissance This is the initial phase, where the attacker gather’s information about the target. Scanning, Foot printing and Enumeration is…
NMAP
NMAP (Network Mapper) is a free and open source utility for network discovery and security auditing. It is used to scan network to live systems and ports/services on the systems which helps network admins, system admins to get inventory and build infrastructure (Network + Systems + Services) topology. Nmap can do the following scans: IP Sweep Scan…