>> Software Engineering
You need to make report based on the given 2 labs.
Lab 1: Passive Reconnaissance
Passive reconnaissance is the act of gathering information about a target without actually using or interacting with the target. It's like spying on the target with binoculars or interviewing acquaintances or coworkers of the target, but not starting a conversation with the target just yet.
In a real-world situation, a hacker will conduct passive reconnaissance to gather information that can be used to formulate an attack against users and systems. Passive reconnaissance is typically followed by the scanning and enumeration phase, in which the hacker attempts to actively probe the systems identified during passive reconnaissance. Passive reconnaissance is also sometimes referred to as open-source intelligence gathering (OSINT), as it uses publicly available sources to collect intelligence on a target.
In this lab, you will form customized search queries using Google's search operators. With WHOIS queries, you will learn how to query Internet registration authorities about registered domains. In later parts of the lab, you will use two hacking tools, theHarvester and Maltego, to collect and organize information from indexed databases. Finally, you will bypass LinkedIn's privacy settings.
This lab has several parts, which should be completed in the order specified.
1. In the first part of the lab, you will use Google's search operators to identify information about targets.
2. In the second part of the lab, you will use Google's Advanced Search options to form customized search queries that can assist in locating vulnerabilities.
3. In the third part of the lab, you will learn to query Internet registration authorities for information available about registered domains.
4. In the fourth part of the lab, you will use the Kali Linux machine you created in the "Introduction to the Lab Environment" lab to collect information about a domain using theHarvester, a data-collection tool built into Kali.
5. In the fifth part of the lab, you will use the Kali Linux machine you created in the "Introduction to the Lab Environment" lab to gather information from multiple sources and graphically organize information using Maltego.
6. In the sixth part of the lab, you will explore a hidden vulnerability in LinkedIn's privacy settings.
7. Finally, you will explore the virtual environment on your own to answer a set of questions that allow you to use the skills you learned in the lab to conduct independent, unguided work, similar to what you will encounter in a real-world situation.
Upon completing this lab, you will be able to:
• Use customized Google searches to perform focused vulnerability searches.
• Use hacking tools to scrape information from public databases.
• Query Internet registration authorities for domain information.
• Use Maltego to identify publicly available e-mail addresses and domain names.
• Explore and circumvent privacy settings in a social network.
Preparing to strike at a target involves careful investigation. The hacker first learns all he or she can from open sources before actually touching the target system. That process is called passive reconnaissance. Eventually, the hacker exhausts the available resources and has to actually probe the target system, thus initiating scanning and enumeration.
The final step before the actual exploit, scanning and enumeration involves learning about a target system from the system itself. The hacker sets about probing a target system to see what services might be open and running, what vulnerabilities might exist, and which weaknesses might be exploitable. Due to the nature of scanning and enumeration, the hacker runs the risk of his or her activities being discovered and stopped by the target. For this reason, the black-hat hacker will want to gather as much information as he or she can as quickly as possible. Because a white-hat, or ethical, hacker has a written directive from the target itself, he or she may be less concerned with timing.
In this lab, you will explore several scanning and enumeration tools, including some you may already know. You will use Nmap and its graphical user counterpart, Zenmap, to gather data about the network, and you will capture that traffic using Wireshark. You will use OpenVAS, a popular open source vulnerability scanner, to further explore a vulnerable system. You will create and run a customized scan and examine the results. Finally, you will start two penetration tools, Metasploit and Armitage, import the Nmap report, and further explore the system. This lab has four parts, which should be completed in the order specified:
1. In the first part of the lab, you will use Zenmap and Nmap, the original command-line version, to actively probe your local area network and export the scan results to a file.
2. In the second part of the lab, you will use the OpenVAS vulnerability scanner to run an in-depth vulnerability scan of the target machine and generate a report showing the identified and prioritized system weaknesses.
3. In the third part of the lab, you will use Metasploit, a common penetration testing tool, and Armitage, the graphical user interface (GUI) for Metasploit, to further explore the target system.
4. Finally, if assigned by your instructor, you will explore the virtual environment on your own to answer a set of challenge questions that allow you to use the skills you learned in the lab to conduct independent, unguided work, similar to what you will encounter in a real-world situation.
Upon completing this lab, you will be able to:
• Understand the benefits of and tactics for conducting scanning and enumeration.
• Perform network and system scans and export the results.
• Capture network traffic and investigate packet-level data.
• Understand how to start and configure Metasploit and its supporting services.
• Perform and customize vulnerability scans and interpret the results.