- Mastering Kali Linux for Advanced Penetration Testing(Second Edition)
- Vijay Kumar Velu
- 128字
- 2021-07-02 21:04:14
Obtaining user information
Many penetration testers gather usernames and email addresses, as this information is frequently used to log on to targeted systems.
The most commonly employed tool is the web browser, which is used to manually search the target organization's website as well as third-party sites such as LinkedIn or Jigsaw.
Some automated tools included with Kali Linux can supplement manual searches.
Email addresses of former employees can still be of use. When conducting social engineering attacks, directing information requests to a former employee usually results in a redirect that gives the attacker the credibility of having dealt with the previous employee. In addition, many organizations do not properly terminate employee accounts, and it is possible that these credentials may still give access to the target system.
推薦閱讀
- 深入淺出Spring Boot 2.x
- R語言游戲數據分析與挖掘
- Flux Architecture
- INSTANT Passbook App Development for iOS How-to
- Mathematica Data Analysis
- Kotlin開發教程(全2冊)
- Spring Boot+MVC實戰指南
- 網絡數據采集技術:Java網絡爬蟲實戰
- 超簡單:用Python讓Excel飛起來(實戰150例)
- Clojure Web Development Essentials
- 零基礎學編程系列(全5冊)
- Socket.IO Cookbook
- Learning Redux
- Qt編程快速入門
- Tkinter GUI Application Development Blueprints