Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Blind penetration testing

From: Ilici Ramirez <ilici_ramirez () yahoo com>
Date: Wed, 3 Oct 2001 05:14:07 -0700 (PDT)
Some hints for reconnnaissance only:

1. review content of their web pages, download them
localy 
- look for names, emails, phone numbers, technologies
- search for scripts or asp included in html -
programming bugs, overflows, comments, etc.

2. search google and newsgroups for emails from the
company - they can discuss about their security
problems

3. deep whois, dns interrogation - you will obtain
their addresses - try www.geektools.com

4. network recconaissance - scanning - available
hosts, services, banners, OSes

good luck.

Ilici R



__________________________________________________
Do You Yahoo!?
Listen to your Yahoo! Mail messages from any phone.
http://phone.yahoo.com

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Previous By Date Next
Previous By Thread Next

Current thread: