Sunday, 31 January 2016

Introduction to Reconnaissance phase

Reconnaissance

In this lesson you'll learn how to perform reconnaissance from both the business side and the technical side. On the business side, we use recon for a variety of reasons, including finding physical addresses, locations, personal information about our target and more. On the network side, we use a technological approach: network mapping and probing techniques combine with search engine hacking to give us the best possible picture of our targets. Each of these information-gathering tactics is extremely useful in what is commonly one of the first steps in a penetration test as well as an attack. This lesson will teach all you need to know about reconnaissance and the true value of information.

11 MODULES


Business Intelligence
The first step to good reconnaissance is to understand the nature of the business that you're targeting. Beyond just what they do, you need to know who they are, how they do it, and ultimately what technologies they use that you may be able to break into.


Network Intelligence
It's important to understand the network of your target. That includes knowing where the network boundaries are and where the important systems are. This module teaches you to determine the shape and structure of the network itself.


Search Engine Hacking
Sometimes, the easiest way to find information is by simply using search engines. This module will lead you to understand how to use Google's advanced search techniques effectively as a front-line reconnaissance tool.


FOCA
This module discusses using FOCA for your business intelligence gathering when you are performing reconnaissance for a penetration test. For the PDF exploitation modules, please visit https://hackeracademy.com/lesson/pdf_exploitation

DNS Reconnaissance
This module will introduce you to enumerating information from DNS servers using common tools and techniques.


Network Scanning
Now that we know what the network "looks" like, and we know our rules and boundaries, we can start to see what's "alive". In this module, you'll learn how to successfully scan the network to see where the live hosts are and what else is out there.


Introduction to OSINT
In this module you will be introduced to Open Source Intelligence (OSINT) gathering and the techniques associated with it. OSINT consists of gathering, processing, and analyzing publicly available data and turning it into information that is actionable.


Nmap Scan Options and NSE Introduction
This module will introduce you to nmap, an open source and incredibly robust network-mapping tool. Nmap was designed to rapidly scan large networks to determine what hosts, services, operating systems, firewalls, and other characteristics are running on a network.


Banner Grabbing
In this module, you will be introduced to the idea of enumerating useful information through simple banner grabbing techniques. Banner Grabbing is a technique used by attackers to extract information about a host. If successful, it can identify the operating system, web server and other applications running on the target host.


SMTP Enumeration
In this module, you will be introduced to enumerating useful information such as application versions, usernames, and mailing list participants from SMTP servers.


SNMP Enumeration
In this module, you will be introduced to enumerating useful information from SNMP server agents.

