« Previous 1 2
Web-based reconnaissance
Recon
Conclusion
Tomes, the author of recon-ng, emphasizes the importance of reconnaissance as a part of penetration testing. The Recon-ng framework, he says, can take you from no information to "gaining credentials to the target environment. All without sending a single packet to the target network" [7].
Infos
- recon-ng: https://bitbucket.org/LaNMaSteR53/recon-ng
- Acquiring API keys: https://bitbucket.org/LaNMaSteR53/recon-ng/wiki/Usage%20Guide#!acquiring-api-keys
- ATF : https://www.atf.gov/
- recon-ng Usage Guide: https://bitbucket.org/LaNMaSteR53/recon-ng/wiki/Usage%20Guide
- recon-ng modules: https://bitbucket.org/LaNMaSteR53/recon-ng/wiki/Modules%20Overview
- Netcraft: http://www.netcraft.com
- Look Ma, No Exploits! http://www.irongeek.com/i.php?page=videos/derbycon3/1104-look-ma-no-exploits-the-recon-ng-framework-tim-lanmaster53-tomes
« Previous 1 2
Buy this article as PDF
(incl. VAT)
Buy ADMIN Magazine
US / Canada
UK / Australia
Related content
-
Discover system vulnerabilities and exploits
The Kali Linux pentesting and compliance distribution is an antidote to attacks and other online danger. -
PowerShell add-on security modules
Numerous PowerShell add-on modules provide security and attack functions for penetration tests and forensic analyses, to help admins search for vulnerabilities in their networks. -
Intruder Tools
Professional attackers have much more pointed at your site than just Nmap, and you should too if you want to test your network’s security. We’ll show you some tools intruders use to gather information.
-
Refurbished: Windows 2012 Active Directory
Microsoft’s Windows Server 2012 offers numerous improvements in Active Directory, as well as better and easier management.
-
Cloud security with AWS GuardDuty
AWS GuardDuty uses machine learning and threat intelligence to identify malicious activity for continuous security monitoring in the cloud.