Metasploit owned by Rapid7 is an open-source exploit platform that is used for exploiting vulnerabilities and perform penetration testing on the target system. Metasploit Architecture Metasploit is a huge framework written in Ruby with number of components and modules. MSFconsole is the main CLI console through which we can access Metasploit and perform activities like…
Category: Ethical Hacking
Cyber Kill Chain
The Cyber Kill Chain framework developed by Lockheed Martin explains attacker’s progressive steps when attacking a target which can be used to identify and prevent cyber threat. The Cyber Kill Chain has seven stages as following: Reconnaissance This is the initial phase, where the attacker gather’s information about the target. Scanning, Foot printing and Enumeration is…
Scanning
Scanning is part of the Reconnaissance phase where the attacker gathers information about a target. It is type of active reconnaissance during which the network and systems are scanned. In the scanning, the live systems (IP addresses) are found and then the active ports on a system are identified. Post which, OS type (Windows, Unix,…
Reconnaissance
Reconnaissance is the phase in which an attacker gathers information of the target to be attacked. The target can be a person or a system or an infrastructure. The following are the sub phases of Reconnaissance:
Network Mapper (NMAP)
NMAP (Network Mapper) is a free and open source utility for network discovery and security auditing. It is used to scan network to live systems and ports/services on the systems which helps network admins, system admins to get inventory and build infrastructure (Network, Systems, Services) topology. Nmap can do the following scans: IP Sweep Scan – Scans…