Vulnerability Enumeration For Penetration Testing

Error message

  • Warning: Cannot modify header information - headers already sent by (output started at /home/infosecw/public_html/index.php:3) in drupal_send_headers() (line 1475 of /home/infosecw/public_html/includes/bootstrap.inc).
  • Warning: Cannot modify header information - headers already sent by (output started at /home/infosecw/public_html/index.php:3) in drupal_send_headers() (line 1475 of /home/infosecw/public_html/includes/bootstrap.inc).
  • Warning: Cannot modify header information - headers already sent by (output started at /home/infosecw/public_html/index.php:3) in drupal_send_headers() (line 1475 of /home/infosecw/public_html/includes/bootstrap.inc).
  • User warning: The following module is missing from the file system: file_entity. For information about how to fix this, see the documentation page. in _drupal_trigger_error_with_delayed_logging() (line 1128 of /home/infosecw/public_html/includes/bootstrap.inc).
  • Warning: Cannot modify header information - headers already sent by (output started at /home/infosecw/public_html/index.php:3) in drupal_send_headers() (line 1475 of /home/infosecw/public_html/includes/bootstrap.inc).
  • Warning: Cannot modify header information - headers already sent by (output started at /home/infosecw/public_html/index.php:3) in drupal_send_headers() (line 1475 of /home/infosecw/public_html/includes/bootstrap.inc).
  • Warning: Cannot modify header information - headers already sent by (output started at /home/infosecw/public_html/index.php:3) in drupal_send_headers() (line 1475 of /home/infosecw/public_html/includes/bootstrap.inc).

Contributed by Aelphaeis Mangarae and restored from the Infosecwriters archives

This paper is a sequel to my “Learn Information Gathering By Example”. This paper will go through looking for Vulnerabilities in remote system(s), which is what you would do in a Penetration Test after gathering information on the target. I will be using real world examples for nearly everything in this paper.

Although I covered scanning a network range for possible targets in my last paper I will cover it again in this paper, because it is related. I am aware that 99.5 % of people will already know how to do this, and should know how to do it. For the sake of complete beginners I will cover it again. Not everything covered in this paper is entirely legal to do in some countries to remote machines with out the owner’s permission.

This document is in PDF format. To view it click here.

Rate this article: 
No votes yet