Enumeration is part of Reconnaissance phase done after the scanning. During Enumeration phase, attacker creates active session with the live target host and gathers more detailed data than that was obtained during Scanning Phase. Please note that Enumeration is different from scanning. In scanning phase, the information like IP address, Ports, OS and vulnerabilities from…
Cyber Risk
Risk in Cyber is the probability of exploitation of a vulnerability by a threat actor that would lead to loss of confidentiality, integrity or availability of data or disruption of service. Risk = Threat x Vulnerability We can add impact attribute to enhance the risk calculation for better view of the risk with the impact…
Network Basic Input/Output System (NetBIOS)
NetBIOS is Network Basic Input Output System which is an API used for communication between systems over LAN (Local Area Network) like Ethernet and Token Ring. It was initially developed for IBM’s machines to communicate on LAN and later on was mostly used in Windows environment for Server Message Block (SMB) for file sharing, printing…
Vulnerability
A vulnerability is a weakness in a system, network or software/application that can be exploited to cause impact like bringing service down, data exfiltration or un-authorized access. The vulnerability can be due to the following reasons:
Metasploit
Metasploit owned by Rapid7 is an open-source exploit platform that is used for exploiting vulnerabilities and perform penetration testing on the target system. Metasploit Architecture Metasploit is a huge framework written in Ruby with number of components and modules. MSFconsole is the main CLI console through which we can access Metasploit and perform activities like…
Cyber Kill Chain
The Cyber Kill Chain framework developed by Lockheed Martin explains attacker’s progressive steps when attacking a target which can be used to identify and prevent cyber threat. The Cyber Kill Chain has seven stages as following: Reconnaissance This is the initial phase, where the attacker gather’s information about the target. Scanning, Foot printing and Enumeration is…
Maximum Transmission Unit (MTU)
Maximum Transmission Unit (MTU) is the measurement of largest data packet that can be sent on a network between systems. Units used for MTU measured is bytes. MTU is property of data link layer. Some Data Link technology’s MTU are given below for your reference. Technology MTU Ethernet 1500 Wi Fi 2304 PPPoE 1492
OS Discovery
In the Scanning sub phase of the Reconnaissance phase blog, we covered that in this phase, we gather information about the target. In the scanning process, we identify the active IP addresses on the network and active ports/services on each system. The next step is to identify the OS running the system. This process is…
Network Security
An enterprise comprises systems and applications. The systems are interconnected through a network. The systems, applications and network (Intranet) combined together becomes an infrastructure. The infrastructure is connected to the Internet for various purposes. The Internet is un-secured huge public network and the enterprise network is private secured network. There should be line of control…
Scanning
Scanning is part of the Reconnaissance phase where the attacker gathers information about a target. It is type of active reconnaissance during which the network and systems are scanned. In the scanning, the live systems (IP addresses) are found and then the active ports on a system are identified. Post which, OS type (Windows, Unix,…