- Mastering Kali Linux for Advanced Penetration Testing(Second Edition)
- Vijay Kumar Velu
- 128字
- 2021-07-02 21:04:14
Obtaining user information
Many penetration testers gather usernames and email addresses, as this information is frequently used to log on to targeted systems.
The most commonly employed tool is the web browser, which is used to manually search the target organization's website as well as third-party sites such as LinkedIn or Jigsaw.
Some automated tools included with Kali Linux can supplement manual searches.
Email addresses of former employees can still be of use. When conducting social engineering attacks, directing information requests to a former employee usually results in a redirect that gives the attacker the credibility of having dealt with the previous employee. In addition, many organizations do not properly terminate employee accounts, and it is possible that these credentials may still give access to the target system.
推薦閱讀
- 測試驅動開發:入門、實戰與進階
- Learning Real-time Processing with Spark Streaming
- Effective C#:改善C#代碼的50個有效方法(原書第3版)
- INSTANT FreeMarker Starter
- JMeter 性能測試實戰(第2版)
- HTML5+CSS3基礎開發教程(第2版)
- Mastering Articulate Storyline
- 新編Premiere Pro CC從入門到精通
- Python面向對象編程:構建游戲和GUI
- jQuery開發基礎教程
- Python Web數據分析可視化:基于Django框架的開發實戰
- 運用后端技術處理業務邏輯(藍橋杯軟件大賽培訓教材-Java方向)
- 區塊鏈國產化實踐指南:基于Fabric 2.0
- Java Web應用開發給力起飛
- Backbone.js Testing