Penetration Test Proposal
Deliverable 2: Reconnaissance Plan and Scanning Plan
CMIT 321 Ethical Hacking (2198)
September 8, 2019
Statement of Work
This document will serve as a Statement of Work (SOU) outlining Cent
...
Penetration Test Proposal
Deliverable 2: Reconnaissance Plan and Scanning Plan
CMIT 321 Ethical Hacking (2198)
September 8, 2019
Statement of Work
This document will serve as a Statement of Work (SOU) outlining Centralia Security Lab’s (CSL) proposed plan of action during the scanning phase of the penetration test. The below sections will detail the scope for both the reconnaissance plan as well as the scanning plan, to include tools to be used and mediation of vulnerabilities. The deliverables after this point of the penetration test will include a full technical report with details regarding all discovered vulnerabilities, the tools that were used, and what was gained or could be gained by exploiting said vulnerabilities.
Reconnaissance Plan
Overview
The reconnaissance phase of a penetration test is one of the most important aspects. Reconnaissance is the act of gathering preliminary data or intelligence on your target. The data is gathered in order to better plan for your attack (Cybrary, 2015). There are two different types of reconnaissance, active and passive. Active reconnaissance involves gathering information about the target with direct contact, such as performing traceroute analysis, extracting DNS information, social engineering, etc. Passive reconnaissance involves information gathering with no direct contact, through means such as finding information from a search engine or social networking sites, monitoring website traffic, gathering financial information about the target through financial services, etc (EC-Council, 2019). Both means are important and can provide valuable information to help further down the road. The information gathered will help to form a strategy.
Reconnaissance Methods
References
Cybrary. (2015). Summarizing The Five Phases of Penetration Testing. Retrieved from https://www.cybrary.it/2015/05/summarizing-the-five-phases-of-penetration-testing/
EC-Council. (2019). Ethical Hacking and Countermeasures, Version 10. Retrieved from https://evantage.gilmoreglobal.com/#/books/9781635672343/cfi/0!/4/2@100:0.00
Nmap. (2019). Introduction. Retrieved from https://www.nmap.org
SecurityTrails. (2018). Retrieved from https://securitytrails.com/blog/top-20-intel-tools
[Show More]