👣 Footprinting & Scanning

In this section, you will learn about Host and Network Fingerprinting and Scanning. These are essential methods for detecting and identifying endpoints, and they are the initial step for penetration testers when they begin assessing a network. Understanding these techniques lets you emulate the tactics and strategies used by adversaries, which provides valuable insight into potential vulnerabilities and security gaps.

Purpose:

Scope: Scope refers to the specific range and limits of a project's objectives and deliverables.

Discovery: Discovery refers to the initial phase of network mapping where data and information about the network's infrastructure, devices, and resources are gathered and analyzed.

Process:

  • Physical Access:

    • Physical Security

    • OSINT

    • Social Engineering

  • Sniffing:

    • Passive Reconnaissance

    • Watch network traffic

  • ARP - Address Resolution Protocol (RFC 826)

    • Resolve IP to MAC

  • ICMP - Internet Control Message Protocol (RFC 792)

    • Traceroute

    • Ping




Hacker's Mantra: A breach alone is not a disaster, but mishandling it is. - Serene Davis
