Week 4: Target Discovery

Week 4 (16 March 2018)

1.0 Definition of Target Discovery
After gathering a lot of information, we need to find out which system the target machine uses; this is what target discovery is for.

Why do we need to look at old records?

  1. Find old scripts

We can find old scripts, which may contain vulnerable code.

  2. Find old admin pages

If we can find an old admin page, we can brute-force our way into the system.

  3. Find old servers

Some website owners do not turn off their old website.

2.0 Tools

2.1 Security Trails

Using https://securitytrails.com/dns-trails, we can see the list of DNS records that have been used. For instance, for the website pentest.id we can see its DNS records.

2.2 Robtex

Robtex.com can also be used to find information about the target.

2.3 CrimeFlare

Crimeflare.com can also be used to find the real IP address behind Cloudflare's IP address.
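
The DNS history lookup in 2.1 and the Cloudflare point in 2.3 can be turned into a check on a domain you own: which addresses in its DNS history sit outside the CDN. This is an added example, not part of the original notes; the record layout, hostnames and addresses are constructed, and the Cloudflare range list is a partial snapshot of the ranges published at https://www.cloudflare.com/ips/.

```python
import ipaddress

# Partial snapshot of Cloudflare's published IPv4 ranges (assumption: refresh
# from https://www.cloudflare.com/ips/ before relying on this list).
CLOUDFLARE_V4 = [ipaddress.ip_network(n) for n in (
    "103.21.244.0/22", "104.16.0.0/13", "104.24.0.0/14", "141.101.64.0/18",
    "162.158.0.0/15", "172.64.0.0/13", "173.245.48.0/20", "198.41.128.0/17",
)]

# Constructed sample: historical A records for your own domain, as
# (hostname, ip, first_seen, last_seen). Documentation addresses only.
HISTORY = [
    ("www.example.com", "203.0.113.10", "2015-02-01", "2016-06-30"),
    ("www.example.com", "104.16.12.34", "2016-07-01", "2018-03-16"),
    ("admin.example.com", "198.51.100.7", "2014-05-10", "2018-03-16"),
    ("old.example.com", "203.0.113.10", "2013-01-01", "2015-01-31"),
]

def behind_cdn(ip):
    """True if the address falls inside one of the listed CDN ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in CLOUDFLARE_V4)

def exposed_origins(history, as_of):
    """Group non-CDN addresses from DNS history by IP.

    Returns {ip: {"hosts": set, "last_seen": str, "current": bool}} where
    "current" means the record was still published on the as_of date.
    """
    findings = {}
    for host, ip, _first, last in history:
        if behind_cdn(ip):
            continue
        entry = findings.setdefault(
            ip, {"hosts": set(), "last_seen": last, "current": False})
        entry["hosts"].add(host)
        entry["last_seen"] = max(entry["last_seen"], last)  # ISO dates sort as text
        entry["current"] = entry["current"] or last == as_of
    return findings

if __name__ == "__main__":
    for ip, info in sorted(exposed_origins(HISTORY, "2018-03-16").items()):
        state = "still published" if info["current"] else "historical only"
        print(f"{ip}  {state}  last_seen={info['last_seen']}  "
              f"hosts={sorted(info['hosts'])}")
```

Any address this reports is one that DNS history still reveals, so the host behind it should be decommissioned or firewalled to accept traffic only from the CDN.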