Week 5 (23 March 2018)
1.0 Enumerating Target Definition
Enumerating target is where the tester find out about the ports, operating system, and what services is used. Further finds will able the tester to discover the username, password, resources, etc.
To find out the range of the IP address can be obtained by using command NBTscan. Full list of nmap command, can be seen here. Zenmap is the GUI version of nmap. Nmap is used to scan the port meaning it is able to scan the perimeter network devices and servers from external perspectives (outside your own firewall).
There are also WPScan command to find the vulnerability in plugin, themes, checking user enumeration and even guessing the password in WordPress.
~# wpscan –url domain –enumerate u