
Enum

Principle:

Our core task is not to exploit the machines but to find how they can be exploited.

Our goal is not to get at the systems but to find all the ways to get there.

  • Think of:

Methodology:

  • This is for external PenTests and not internal (Active Directory)

When the PenTest starts:

  1. Layer 1: Internet Presence
     The goal of this layer is to identify all possible target systems and interfaces that can be tested.
  2. Layer 2: Gateway
     The goal is to understand the interface of the reachable target, how it is protected, and where it is located in the network.
  3. Layer 3: Accessible Services
     This layer aims to understand the reason and functionality of the target system and gain the necessary knowledge to communicate with it and exploit it for our purposes effectively.
  4. Layer 4: Processes
     The goal here is to understand the functionalities at work and identify the dependencies between them.
  5. Layer 5: Privilege
     It is crucial to identify these and understand what is and is not possible with these privileges.
  6. Layer 6: OS Setup
     The goal here is to see how the administrators manage the systems and what sensitive internal information we can glean from them.