As we discuss in previous, information gathering is the first phase of Penetration testing in which the pentester gather the information about the target. This phase is not enough alone to get much information, so we need another method to gather many more details about target. In This phase attacker get the detail about system, network, and vulnerabilities about potential target.
Types of scanning:
- Live host scanning
- Port scanning
- UDP scanning
- Vulnerability scanning
Network scanning is one of the most important phases of intelligence gathering. During the this process, you can gather information about specific ip addresses that can be accessed over the intent, their targets operating systems, system architecture, and the services running on each computer. In addition, the attacker also gather details about the networks and their individual host systems.
Purpose of Scanning
Discovering live hosts, ip address, and open ports of live hosts running on the network
Discovering open ports are the best way to break into the system.
Discovering Operating systems and system architecture
Identifying the vulnerabilities and threat
Detecting the associated network service of each port