NetBIOS is a legacy API that was used for communication between systems on a LAN. Each system had a unique NetBIOS name assigned to it. When a machine wanted to connect to another system, it would resolve the NetBIOS name of the target system to its corresponding IP address and then connect. NetBIOS had vulnerabilities and…
Category: Ethical Hacking
Enumeration
Enumeration is the part of the Reconnaissance phase performed after scanning. During the Enumeration phase, the attacker creates an active session with the live target host and gathers more detailed data than was obtained during the Scanning phase. Please note that Enumeration is different from scanning. In the scanning phase, information like IP address, ports, OS and vulnerabilities from…
Vulnerability
A vulnerability is a weakness in a system, network or software/application that can be exploited to cause impact such as bringing a service down, data exfiltration or unauthorized access. The vulnerability can be due to the following reasons:
Metasploit
Metasploit, owned by Rapid7, is an open-source exploit platform that is used for exploiting vulnerabilities and performing penetration testing on the target system. Metasploit Architecture: Metasploit is a huge framework written in Ruby with a number of components and modules. MSFconsole is the main CLI console through which we can access Metasploit and perform activities like…
Cyber Kill Chain
The Cyber Kill Chain framework developed by Lockheed Martin explains an attacker's progressive steps when attacking a target, which can be used to identify and prevent cyber threats. The Cyber Kill Chain has the following seven stages: Reconnaissance: This is the initial phase, where the attacker gathers information about the target. Scanning, Footprinting and Enumeration is…
Scanning
Scanning is part of the Reconnaissance phase, where the attacker gathers information about a target. It is a type of active reconnaissance during which the network and systems are scanned. During scanning, the live systems (IP addresses) are found and then the active ports on a system are identified. After that, the OS type (Windows, Unix,…
Reconnaissance
Reconnaissance is the phase in which an attacker gathers information about the target to be attacked. The target can be a person, a system or an infrastructure. The following are the sub-phases of Reconnaissance:
Network Mapper (NMAP)
NMAP (Network Mapper) is a free and open-source utility for network discovery and security auditing. It is used to scan a network to find live systems and the ports/services on those systems, which helps network admins and system admins get an inventory and build an infrastructure (Network, Systems, Services) topology. Nmap can do the following scans: IP Sweep Scan – Scans…