Scanning and enumeration
Without a doubt, almost every security professional wants to jump straight into exploiting boxes, but without understanding the basics, the exploits, and most importantly, the environment they are in. This can lead to mistakes or worse, such as breaking things in a live environment.
Scanning and enumeration allows a pen tester to understand their environment. The result one gets from these scans gives the red team a starting point to leverage vulnerabilities in different systems. Scanning is finding all available network services (TCP and UDP) running on the targeted hosts. This can help a red teamer discover whether SSH/Telnet is open to try a brute-force login and discover file shares to download data from, websites that may have vulnerabilities, or printers that may hold usernames and passwords. Enumeration is the discovery of services on the network to have a greater sense of information provided by the network services.
- RESTful Java Web Services Security
- 數(shù)字身份與元宇宙信任治理
- 工業(yè)互聯(lián)網(wǎng)安全防護(hù)與展望
- 安全實(shí)戰(zhàn)之滲透測(cè)試
- Enterprise Cloud Security and Governance
- 網(wǎng)絡(luò)安全三十六計(jì):人人該懂的防黑客技巧
- Kali Linux Wireless Penetration Testing Cookbook
- 網(wǎng)絡(luò)空間安全實(shí)驗(yàn)
- 云原生安全與DevOps保障
- 無(wú)線傳感器網(wǎng)絡(luò)安全與加權(quán)復(fù)雜網(wǎng)絡(luò)抗毀性建模分析
- 黑客攻防從入門到精通
- 企業(yè)數(shù)據(jù)安全防護(hù)指南
- Practical Internet of Things Security
- CTF網(wǎng)絡(luò)安全競(jìng)賽入門教程
- AI+網(wǎng)絡(luò)安全:智網(wǎng)融合空間體系建設(shè)指南