Before a penetration test even begins, penetration testers spend time with their clients working out the scope, rules, and goals of the test. The penetration testers may break in using any means necessary, from using information found in the dumpster, to locating web application security holes, to posing as the cable guy. After pre-engagement activities, penetration testers begin gathering information about their targets.
The objective of the lab is to extract information concerning the target organization that includes, but is not limited to:
Type of firewall implemented, either hardware or software or a combination of both
IP address range associated with the target
Purpose of the organization and why it exists
How big is the organization? What class is its assigned IP Block?
Does the organization freely provide information about the type of operating systems employed and network topology in use?
Does the organization allow wireless devices to connect to wired networks?
Type of remote access used, either SSH or VPN
Is help sought from IT positions that give information on network services provided by the organization?
Identify organization’s users who can disclose their personal information that can be used for social engineering and assume such possible usernames
A penetration test begins before penetration testers have even made contact with the victims' systems. Rather than blindly throwing out exploits and praying that one of them returns a shell, a penetration tester meticulously studies the environment for potential weaknesses and their mitigating factors. By the time a penetration tester runs an exploit, he or she is nearly certain that it will be successful. Since failed exploits can in some cases cause a crash or even damage a victim's system, or at the very least make the victim un-exploitable in the future, penetration testers won't get the best results or deliver the most thorough report to their clients if they blindly turn an automated exploit machine on the victim network with no preparation.
Footprinting and Reconnaissance Exercises
The Ethical Hacking Exercises / Footprinting and Reconnaissance Lab contains the following Exercises:
- Network Route Trace Using Path Analyzer Pro
- Mirroring Website Using HTTrack Web Site Copier Tool
- Extracting Company’s Data Using Web Data Extractor
The Virtual Private Cloud for this Lab set utilizes:
Ethical Hacking Exercises are available as part of the following subscription:
The Exercises in this lab map to the Certified Ethical Hacker V10 Course. Each subscription provides 6 months of access to 107 Different Exercises. Each exercise contains a Scenario, Objectives, and individual step by step tasks to guide the user through all steps necessary to complete the exercise.
Lab exercises are included for:
- Footprinting and Reconnaissance
- Scanning Networks
- Vulnerability Analysis
- System Hacking
- Malware Threats
- Social Engineering
- Denial of Service
- Session Hijacking
- Evading IDS Firewalls and Honeypots
- Hacking Web Servers
- Hacking Web Applications
- SQL Injection
- Hacking Wireless Networks
- Hacking Mobile Platforms
- Cloud Computing