
DNSRecon

The document discusses various techniques for cybercrime reconnaissance including DNS reconnaissance, host discovery through ping sweeps, traceroutes, and whois lookups. It also covers port scanning, banner grabbing, and OS fingerprinting.

Common tools mentioned for reconnaissance include DNSRecon, Nmap, Angry IP Scanner, Maltego, and online tools like yougetsignal.com.

Nmap is mentioned for port scanning specific ports, port ranges, and all ports. Techniques include finding all open ports on a host.

Cybercrime

RECONNAISSANCE
Reconnaissance
• DNSRecon provides the ability to:
  • Check all NS Records for Zone Transfers
  • Enumerate General DNS Records for a given Domain (MX, SOA, NS, A, AAAA, SPF and TXT)
  • Perform common SRV Record Enumeration
  • Top Level Domain (TLD) Expansion
  • Check for Wildcard Resolution
  • Brute Force subdomain and host A and AAAA records given a domain and a wordlist
  • Perform a PTR Record lookup for a given IP Range or CIDR
  • Check a DNS Server's Cached records for A, AAAA and CNAME Records, provided a list of host records in a text file to check
  • Enumerate Common mDNS records in the Local Network
  • Enumerate Hosts and Subdomains using Google
Command Execution

kali@kali:/$ dnsrecon
HOST DISCOVERY
Performing Host Discovery
Ping & Ping Sweep
• Scan a Single IP
  • c:\> nmap -sn 192.168.1.0
• Scan a Range of IP
  • c:\> nmap -sn 192.168.169.128-20
• Scan a Range of IP using wildcard
  • c:\> nmap -sn 192.168.169.*
• Scan an entire subnet
  • c:\> nmap -sn 192.168.169.128/24
Performing Host Discovery
Whois Information
To obtain Whois information and the name server of a website:
• Run the command
  – c:\SysinternalsSuite> whois.exe -v example.com
OR
• Visit the websites:
  – http://whois.domaintools.com/
  – https://lookup.icann.org/
Performing Host Discovery
Traceroute
A network diagnostic tool that displays the route path and the transit delay of packets.
• Find a domain IP address
  • c:\> tracert 192.168.1.0
PORT SCANNING
Performing Host Discovery
Port Scanning
Perform port scanning using tools such as Nmap, Hping3, Netscan tools and Network monitor. These tools probe a server or host on the target network for open ports.
Open ports are the gateways through which attackers get in and install malicious backdoor applications.
• To find all open ports
  • c:\> nmap --open domain.com
• To find a specific port
  • c:\> nmap -p 80 192.168.169.128
• To find a range of ports
  • c:\> nmap -p 80-200 192.168.169.128
• To scan all ports
  • c:\> nmap -p "*" 192.168.169.128
Online Tools
• http://www.yougetsignal.com/
• https://pentest-tools.com/information-gathering/find-subdomains-of-domain
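
From the defender's side, the sweeps and port-range scans above show up in connection logs as one source fanning out across many hosts, or across many ports on one host, within a short time. The following is an added example, not part of the original slides; the record format, the thresholds and the function names (`build_sample`, `detect_scans`) are assumptions chosen for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def build_sample():
    """Constructed records (time, src, dst, dst_port); not real traffic."""
    t0 = datetime(2024, 5, 1, 10, 0, 0)
    rows = []
    # 10.0.0.5 probes port 80 on 30 addresses in 30 s: a sweep across a subnet.
    rows += [(t0 + timedelta(seconds=i), "10.0.0.5", f"192.168.169.{i + 1}", 80)
             for i in range(30)]
    # 10.0.0.9 walks ports 80-200 on one host, like the -p 80-200 scan.
    rows += [(t0 + timedelta(milliseconds=100 * p), "10.0.0.9", "192.168.169.128", p)
             for p in range(80, 201)]
    # 10.0.0.7 is an ordinary client: one host, one port, spread over minutes.
    rows += [(t0 + timedelta(seconds=5 * i), "10.0.0.7", "192.168.169.128", 443)
             for i in range(40)]
    return rows

def detect_scans(records, window=timedelta(seconds=60), host_limit=20, port_limit=50):
    """Return {src: labels} for sources whose fan-out exceeds a limit in any window."""
    by_src = defaultdict(list)
    for ts, src, dst, port in sorted(records):
        by_src[src].append((ts, dst, port))
    findings = {}
    for src, events in by_src.items():
        labels, start = set(), 0
        for end in range(len(events)):
            # Slide the window start forward so the span covers at most `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            ports_by_host = defaultdict(set)
            for _, dst, port in events[start:end + 1]:
                ports_by_host[dst].add(port)
            if len(ports_by_host) >= host_limit:      # many hosts: horizontal sweep
                labels.add("host-sweep")
            if any(len(p) >= port_limit for p in ports_by_host.values()):
                labels.add("port-scan")               # many ports on one host
        if labels:
            findings[src] = labels
    return findings

if __name__ == "__main__":
    for src, labels in sorted(detect_scans(build_sample()).items()):
        print(src, sorted(labels))
```

The limits are deliberately coarse; in practice they are tuned against the normal fan-out of monitoring systems and load balancers so those do not alert.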
BANNER GRABBING/OS FINGERPRINTING
Performing Host Discovery
Perform banner grabbing/OS fingerprinting with tools such as Telnet, IDServe and Nmap to determine the version and the operating system of the target host.
Once you know the version and operating system of the target, we need to find the vulnerabilities and exploit them. Try to gain control over the system.
• c:\> nmap -A 192.168.1.0
• With high verbosity level
  • c:\> nmap -v -A 192.168.1.0
Online Tools
• https://www.netcraft.com/
• https://w3dt.net/tools/httprecon
• https://www.shodan.io/
IMPORTANT TOOLS USED FOR NETWORK PENTESTING
Important Tools used for Network Pentesting
• Frameworks: Kali Linux, Backtrack5 R3, Security Onion
• Reconnaissance: Smartwhois, MxToolbox, CentralOps, dnsstuff, nslookup, DIG, netcraft
• Discovery: Angry IP scanner, Colasoft ping tool, nmap, Maltego, NetResident, LanSurveyor, OpManager
• Port Scanning: Nmap, Megaping, Hping3, Netscan tools pro, Advanced port scanner
• Service Fingerprinting: Xprobe, nmap, zenmap
• Enumeration: Superscan, Netbios enumerator, Snmpcheck, onesixtyone, Jxplorer, Hyena, DumpSec, WinFingerprint, Ps Tools, NsAuditor, Enum4Linux, nslookup, Netscan
• Scanning: Nessus, GFI Languard, Retina, SAINT, Nexpose
• Password Cracking: Ncrack, Cain & Abel, LC5, Ophcrack, pwdump7, fgdump, John The Ripper, Rainbow Crack
• Sniffing: Wireshark, Ettercap, Capsa Network Analyzer, Bettercap
• MiTM Attacks: Cain & Abel, Ettercap, Bettercap
• Exploitation: Metasploit, Core Impact
