Chapter 2: Gathering Target Information

Get Started. It's Free
or sign up with your email address
Chapter 2: Gathering Target Information by Mind Map: Chapter 2: Gathering Target Information

1. DNS enumeration

1.1. -The process of locating all DNS Servers and their corresponding records for an organization

1.2. -Sources -DNSstuff, Whois, ARIN, NSLookup

2. Google Hacking

2.1. - is a computer hacking technique that uses Google Search and other Google applications to find security holes in the configuration and computer code that websites use

3. Social Engineering

3.1. -Social engineering is a technique hackers use to manipulate end users and obtain information about an organization or computer systems

4. Reconnaissance and footprinting

4.1. -is a set of processes and techniques used to covertly discover and collect information about a target system.

5. Ethical hacking process

5.1. Phase 1: Footprinting

5.1.1. -The first phase of a penetration test

5.1.2. -It is also called reconnaissance

5.1.3. -It allows a hacker to gain information about the target system

5.1.4. -can be active or passive

5.1.5. -the process of accumulating data regarding a specific target for the purpose of finding ways to exploit the target in further phases

5.1.6. Information to be gathered about a target -IP addresses ranges, namespaces, employee information

5.2. Phase 2: Scanning

5.2.1. -The second phase of a penetration test

5.2.2. -It allows a hacker to gain more information about the target system -ports, services etc

5.2.3. -Is always active

5.2.4. tools -Pings, Ping sweeps, Port scans, tracert

5.3. Phase 3: Enumeration

5.3.1. -the last phase before you attempt to gain access to a system

5.3.2. -is a process to gather the information about user names, machine names, network resources, shares and services

5.3.3. information gathered- usernames, group information, passwords

5.4. Phase 4: System Hacking

5.4.1. -System hacking is the way hackers get access to individual computers on a network.

5.4.2. -explains the main methods of system hacking-password cracking, privilege escalation, spyware installation, and keylogging

5.5. Information gathering tools and methodology

5.5.1. 1.unearth initial information

5.5.2. 2. locate the network range

5.5.3. 3. ascertain active machines

5.5.4. 4. discover open ports/access points

5.5.5. 5. detect operating system

5.5.6. 6. uncover services on ports

5.5.7. 7. map the network