Reconnaissance:
What does your network reveal?
Are you leaking too much information?
Using Whois lookups, ARIN, RIPE and APNIC
Domain Name System harvesting
Data gathering from job postings, websites, and government databases
Recon-ng
Pushpin
Identifying publicly compromised accounts
Maltego
FOCA for metadata analysis
Scanning:
Locating and attacking unsecure wireless LANs
War dialing with War-VOX for renegade modems and unsecure phones
Port scanning: Traditional, stealth, and blind scanning
Active and passive Operating System fingerprinting
Determining firewall filtering rules
Vulnerability scanning using Nessus and other tools