Passive information gathering using Metasploit auxiliary module: hands-on tutorial using Kali Linux

Recon (information gathering, footprinting, and enumeration)
  - Find information about the target host using various types of scans: SMB scanning, SSH server scanning, FTP scanning, SNMP enumeration, HTTP scanning, WinRM scanning, etc.

Footprinting
  - Collect essential information about an organization or target
  - What kind of technologies are used? (Job postings)
  - What kind of security policies are implemented? (Password length)

Enumeration
  - Generally involves active connections to the target machine
  - Enumerate network resources and network shares
  - Users and groups
  - Services, ports
  - Internal IP address ranges

Information gathering
  - Probably the most important phase in penetration testing
  - Learn and gather as much information as possible about the host / target machine
  - IP, services, ports

Passive information gathering
  - No physical connectivity or direct access
  - WHOIS tool / NSLOOKUP / company portal search / LinkedIn

Active information gathering
  - The target may be able to identify some activities, as a direct connection is made
  - Port scanning (commonly done): Nmap

Social engineering
  - Passive or active?
  - Fake sites
  - Email