Selamat Malam sahabat cyber4rt,Udah lama mimin kgk posting artikel
Jangan Lupa sebentar lagi mau masuk sekolah :v #Miminjugasih :3
Langsung Saja cekidot....
===========================================================================================
Jangan Lupa sebentar lagi mau masuk sekolah :v #Miminjugasih :3
Langsung Saja cekidot....
===========================================================================================
Tahapan Pentest dan tools nya :
Tahap #1: Information Gathering (Pengumpulan informasi)
- Facebook/Twitter/LinkedIn/Google+
- Maltego
- Creepy
- Social Engineering
- Recon-ng
- TheHarvester
- Metagoofil
- Shodan + Shodan's API
- DNSenum/DNSrecon
Tahap #2: Network Discovery
Tools:
Tools:
- NMap
- Unicorn Scan
- Maltego
- NetDiscover
- SMBClient
- Ettercap
- Wirehark
- TCPDump
- Arping
- Hping3
- Xprobe2
- TCPflow
Tahap #3: Enumeration
Tools:
Tools:
- NMap
- NSE (Nmap Scripting Engine)
- Maltego
- SCAPY
- NBTscan (NetBios shit)
- Cisco Analysis Tools
- Wireshark
- DNSEnum
- smtp-user-enum
- snmpwalk
Tahap #4: Vulnerability Assessment
Tools:
Tools:
- NMap
- NSE (Nmap Scripting Engine)
- Metasploit/Armitage + Nexpose
- Nessus
- OpenVAS
- Powerfuzzer
- Custom Fuzzers
- Cisco Analysis Tools (Nipper is a great one)
Tahap #5: Exploitation and Security
Tools:
Tools:
- NSE (Nmap Scripting Engine)
- Metasploit/Armitage + Nexpose
- Wireshark + SCAPY
- Various Servers (Bind9 DNS servers, DHCP servers, SMB Servers, Radius servers, etc...)
- Yersina
- Hexinject
- Tcpreplay
- Pineapple (For wireless Pentests)
Tahap #6: Post Exploitation
Tools:
Tools:
- Stunnel
- SBD (Secure Back Door) ~ Linux
- Cryptcat
- Meterpreter Persistence
- Powersploit
- Iodine
- UDPTunnel
Source : 1337CyberIndo
0 Komentar untuk "Tahapan Pentest & Beberapa Toolnya"