User Enumeration

User Enumeration in the enumeration phase attacker creates and performs activities connections to system and perms directed queries to gain more information about the taget

attackers use extracted information to identify system attack point and perform password attacks to gain unauthorized access to information system resources.

Enumeration pen testing

Enumeration Pen Testing in order to enumerate important servers find the network range using tools such as “whoise lookup”

calculate the subnet mask required for the ip range using subnet mask calculators that can be given as an input to many of the ping sweep and port scanning tools

perform port scanning to check for the open ports on the nodes using such as nmap

Comments

Cross Site Scripting

Cross Site Scripting XSS is a vulnerability when which present in websites or web applications, allows malicious users (Hackers) to insert their client side code (normally JavaScript) in those web pages. When this malicious code along with the original webpage gets displayed in the web client (browsers like chrome IE, Mozilla etc), and it is allows Hackers to gain greater access of that page.The goal of the CSS attack is to steal the client cookies, or any other sensitive information, which can identify the client with the web site. With the token of the legitimate user at hand, the attacker can proceed to act as the user in his/her interaction with the site – specifically, impersonate the user Example : in corsss site scrpting we can gether credit card number and private information using a CSS attack. This was achieved by running malicious Javascript code at the victim (client) browser with the access privileges of the web site These are the very limited Javascript priv...

Cloud Security and Penetration Testing Services

Cloud Security and Penetration Testing Services What is Cloud, why do We need Cloud Security and Penetration Testing. Cloud services are rapidly increasing popularity in the field of IT, Cloud therefore throws a whole range of unique security concerns into the IT field. These are the common cloud service provider Infrastructure as a Service (Iaas) Platform as a Service (PaaS) Software as a Service(SaaS) Mostly service provider expect that the customer is amenable for implementing security on the services they are providing, Meanwhile customers may believe that security is an included or integral part of the cloud solutions they are purchasing, however this is a completely myth. Since data and services are managed by a third party, Security must be implemented. What security is required for different data, how much security do you need to secure your information, how much security is too much? Cloud Security and Penetration Testing Services Secure against virus, ...

Footprinting Scanning

Footprinting Scanning Sam Spade Download Sam Spade from this web site and install it. Sam Spade is a graphical tool which allows you to do DNS interrogation and many other things. See a tutorial here. The features which make Sam Spade a key security tool are: Advanced DNS – DIG tool requests all the DNS records for a host or domain Zone Transfer – ask a DNS server for all it knows about a domain SMTP Relay Check – check whether a mail server allows third party relaying Scan Addresses – scan a range of IP addresses looking for open ports Crawl Web site – search a Web site, looking for email addresses, offsite links, download a Web site Search IP block – finds the IP block for an organization Sam Spade also does whois, traceroute, finger and dns lookup. SuperScan Download SuperScan from its new location and install it. SuperScan allows you to scan a range of IP addresses and do TCP port scanning. It can check all ports, or the ones you select. It is a very fast and p...

Search This Blog