Phase 1 - Footprinting
Using passive methods of gaining information about the target system prior to performing the attack
-Internet or OSINT
-Social Engineering
-Dumpster Diving
-Mail Harvesting
Nslookup
Locate IP for domain name
Tracert
Locate network range
Ping
Confirm active machine
Whois
Locate domain name
Maltego
Information about network as well as internet infrastructure
Phase 2 - Scanning
Using the information obtained in phase 1 to attack more precisely; actively connects to the target system and gets responses to identify open ports and running services
Phase 2 - Enumeration
In-depth information gathering about a target: software versions, user accounts, DNS
NMAP
-Network scanner
-Discovers hosts and services on a computer network by sending packets and analyzing the responses
Nmap -sV
Detects service version
Nmap -O
Detects operating system
Phase 3 - Gaining Access
-Move from low-level account all the way up to administrator
-Social engineering, backdoors, trojans, web application vulnerabilities
Phase 4 - Covering Tracks and placing backdoors
Removal of evidence; install rootkits, backdoors, delete temp files and edit log files
MITRE ATT&CK
Knowledge base of adversary tactics and techniques based on real-world observation.