Active Information Gathering

In active information gathering, we interact directly with a system to learn more about it. We might, for example, conduct port scans for open ports on the target or conduct scans to determine what services are running. Each system or running service that we discover gives us another opportunity for exploitation. But beware: If you get careless while active information gathering, you might be nabbed by an IDS or intrusion prevention system (IPS)—not a good outcome for the covert penetration tester.

Port Scanning with Nmap

Having identified the target IP range with passive information gathering as well as the secmaniac.net target IP address, we can begin to scan for open ports on the target by port scanning, a process ...

Get Metasploit now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.