Here we present the “Pentest Checklist”.
Network Penetration Testing Checklist
What is Penetration Testing?
Penetration testing is the procedure of analyzing a network for security vulnerabilities by trained security specialists (penetration testers, as opposed to malicious hackers). The purpose of this type of test is to find and fix the security vulnerabilities that the system might contain, so that an attacker cannot readily exploit (or take advantage of) them. It assists in detecting open ports, troubleshooting live systems and services, and capturing system banners.
List of Network Pentest Checklist Items
1. Host Discovery
2. Port Scanning
3. Banner Grabbing/OS Fingerprinting
4. Scan for Vulnerabilities
5. Draw Network Diagrams
6. Prepare Proxies
7. Document all Findings
Let us explain each step in short.
1. Host Discovery
Footprinting is the very first and essential stage, where data about your target system is gathered.
DNS footprinting helps record the DNS records of the target domain name, for example A, MX, NS, SRV, PTR, SOA and CNAME records.
A— An A record maps the domain, such as cybersguards.com, to the IP address of its hosting server.
MX— Mail exchange records identify the mail servers responsible for the domain.
NS— NS records identify the DNS servers in control of the domain name.
SRV— Service records identify the services hosted on specific servers.
PTR— Reverse DNS lookup; you may use the IP address to find the domain name associated with it.
SOA— Start of authority record; it holds information about the DNS zone and the other DNS records served by that DNS server.
CNAME— A CNAME record maps a domain name to another domain name (an alias).
Live hosts, i.e. reachable hosts on the target network, can be discovered using network scanning tools such as Advanced IP Scanner, Nmap, hping3 and Nessus.
Ping & Ping Sweep:
root@kali:~# nmap -sn 192.168.169.128                Single host
root@kali:~# nmap -sn 192.168.169.128-150            To scan a range of IPs
root@kali:~# nmap -sn 192.168.169.*                  Wildcard
root@kali:~# nmap -sn 192.168.169.128/24             Entire subnet
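The target specifications in the commands above (single host, octet range, wildcard, CIDR) each expand to a different number of addresses, which matters when you estimate how noisy a sweep will be. The following Python script, added here as an example and not part of the original checklist, expands an nmap-style IPv4 target specification the way nmap does and rejects a reversed range such as 128-20; it uses only the standard library.

```python
import ipaddress
from typing import Iterator, List


def expand_octet(spec: str) -> List[int]:
    """Expand one nmap-style octet field: '128', '128-150' or '*'."""
    if spec == "*":
        return list(range(256))
    if "-" in spec:
        lo, hi = (int(x) for x in spec.split("-", 1))
        # A reversed range such as 128-20 is an error, not an empty sweep
        if not 0 <= lo <= hi <= 255:
            raise ValueError(f"bad octet range: {spec}")
        return list(range(lo, hi + 1))
    value = int(spec)
    if not 0 <= value <= 255:
        raise ValueError(f"bad octet: {spec}")
    return [value]


def expand_target(spec: str) -> Iterator[str]:
    """Yield every IPv4 address covered by one nmap target specification."""
    if "/" in spec:
        # CIDR notation covers the whole block, network and broadcast included,
        # even when the host bits are set (192.168.169.128/24 -> .0 to .255)
        for addr in ipaddress.ip_network(spec, strict=False):
            yield str(addr)
        return
    octets = spec.split(".")
    if len(octets) != 4:
        raise ValueError(f"not an IPv4 target: {spec}")
    a, b, c, d = (expand_octet(o) for o in octets)
    for w in a:
        for x in b:
            for y in c:
                for z in d:
                    yield f"{w}.{x}.{y}.{z}"


def count_targets(spec: str) -> int:
    """Number of addresses a ping sweep of this specification would touch."""
    return sum(1 for _ in expand_target(spec))


if __name__ == "__main__":
    for spec in ("192.168.169.128", "192.168.169.128-150",
                 "192.168.169.*", "192.168.169.128/24"):
        print(f"{spec:<22} {count_targets(spec)} addresses")
```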
Whois data
To acquire the Whois registration data and hosting information of a site.
root@kali:~# whois testdomain.com
http://whois.domaintools.com/
https://whois.icann.org/en
Traceroute
A network diagnostic tool which shows the route packets take to the target and the transit delay at each hop.
root@kali:~# traceroute google.com
Online Tools
http://www.monitis.com/traceroute/
http://ping.eu/traceroute/
2. Port Scanning
Conduct port scanning with tools like Nmap, hping3, NetScan Tools and Network Monitor. These tools let us examine a host or server for open ports on the target system.
Open ports are the gateways through which attackers enter a system and install malicious backdoor software.
root@kali:~# nmap --open cybersguards.com                 To find all open ports
root@kali:~# nmap -p 80 192.168.123.126                    Specific port
root@kali:~# nmap -p 1-1000 192.168.123.126                Range of ports
root@kali:~# nmap -p "*" 192.168.123.126                   To scan all ports
Online Tools
http://www.yougetsignal.com/
https://pentest-tools.com/information-gathering/find-subdomains-of-domain
3. Banner Grabbing/OS Fingerprinting
Banner grabbing / OS fingerprinting with tools such as Telnet, ID Serve and Nmap determines the target's operating system and the services running on it.
Once you know the target's service versions and operating system, the next step is to identify the vulnerabilities that apply to them and attempt to exploit them to gain control of the system.
root@kali:~# nmap -A 192.168.123.126
root@kali:~# nmap -v -A 192.168.123.126 with high verbosity level
Online Tools
https://www.netcraft.com/
https://w3dt.net/tools/httprecon
https://www.shodan.io/
4. Scan for Vulnerabilities
Scan the system for vulnerabilities with GFI LanGuard, Nessus, Retina CS or SAINT.
These tools enable you to recognize vulnerabilities in the target system and its operating systems. You're able to discover loopholes in the target system with these tools.
GFI LanGuard
It functions as a security adviser and provides patch management, vulnerability assessment and network auditing services.
Nessus
Nessus is a vulnerability scanner that looks for bugs in software and finds specific ways in which application security could be violated. A Nessus scan consists of the following phases:
- Data collection
- Identification of the server
- Port scan
- Plugin selection
- Data reporting
5. Draw Network Diagrams
Draw a diagram of the organization's network that makes it possible to understand the logical connection paths to the network's servers. LAN Manager, LANState, Friendly Pinger and Network View can draw the network diagram.
6. Prepare Proxies
A proxy acts as an intermediary between two network devices. A proxy can shield the LAN from outside access.
Proxy servers can anonymize web browsing and filter unwanted content such as advertisements and much more.
To avoid being detected, testers use proxies such as Proxifier, SSL Proxy, Proxy Finder, etc.
7. Document all Findings
The final and most crucial step is to document all of the penetration test findings.
This document gives you the ability to recognize the potential vulnerabilities inside your network. Once the vulnerabilities are determined, you can plan countermeasures accordingly.
You can download the rules and scope worksheet here: rules and scope sheet. Consequently, the Pentest Checklist will help you evaluate your network before it runs into actual issues that may result in severe financial and reputational losses.
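Documenting findings is far easier when the scan output is machine-readable rather than copied from the terminal. The following Python script, added here as an example and not part of the original checklist, parses the XML that nmap writes with its -oX option (the sample output is constructed inline, not a real scan) and turns the open ports, service banners and OS guess gathered in steps 2 and 3 into a plain-text findings table; down hosts and filtered ports are dropped so that only actual findings reach the report.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the shape nmap writes with -oX; not real scan output.
SAMPLE_XML = """<nmaprun args="nmap -A -oX scan.xml 192.168.123.126-127">
  <host><status state="up"/><address addr="192.168.123.126" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/>
        <service name="ssh" product="OpenSSH" version="7.4"/></port>
      <port protocol="tcp" portid="80"><state state="open"/>
        <service name="http" product="Apache httpd" version="2.4.6"/></port>
      <port protocol="tcp" portid="445"><state state="filtered"/>
        <service name="microsoft-ds"/></port>
    </ports>
    <os><osmatch name="Linux 3.10 - 4.11" accuracy="95"/></os>
  </host>
  <host><status state="down"/><address addr="192.168.123.127" addrtype="ipv4"/></host>
</nmaprun>"""

def parse_nmap_xml(xml_text: str) -> list:
    """One record per live host: address, OS guess and open ports with banners."""
    findings = []
    for host in ET.fromstring(xml_text).iter("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue  # down hosts produce no findings
        addr_el = host.find("address[@addrtype='ipv4']")
        os_el = host.find("os/osmatch")
        open_ports = []
        for port in host.iterfind("ports/port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue  # closed/filtered ports are noise, not findings
            svc = port.find("service")
            attrs = dict(svc.attrib) if svc is not None else {}
            banner = " ".join(v for v in (attrs.get("product"), attrs.get("version")) if v)
            open_ports.append({"port": int(port.get("portid")), "proto": port.get("protocol"),
                               "service": attrs.get("name", ""), "banner": banner})
        findings.append({"host": addr_el.get("addr") if addr_el is not None else "unknown",
                         "os": os_el.get("name") if os_el is not None else "unknown",
                         "open_ports": open_ports})
    return findings

def render_report(findings: list) -> str:
    lines = []
    for f in findings:
        lines.append(f"Host {f['host']}  (OS guess: {f['os']})")
        for p in f["open_ports"]:
            lines.append(f"  {p['port']:>5}/{p['proto']}  {p['service']:<12} {p['banner']}")
    return "\n".join(lines)
```

Call render_report(parse_nmap_xml(open("scan.xml").read())) on a real -oX file to produce the table for the report.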
Important Tools used for Network Pen-testing
Frameworks
Kali Linux, Backtrack5 R3, Security Onion
Reconnaissance
Smartwhois, MxToolbox, CentralOps, dnsstuff, nslookup, DIG, netcraft
Discovery
Angry IP Scanner, Colasoft Ping Tool, nmap, Maltego, NetResident, LanSurveyor, OpManager
Port Scanning
Nmap, MegaPing, hping3, NetScan Tools Pro, Advanced Port Scanner
Service Fingerprinting
Xprobe, nmap, Zenmap
Enumeration
SuperScan, NetBIOS Enumerator, snmpcheck, onesixtyone, Jxplorer, Hyena, DumpSec, WinFingerprint, PsTools, NsAuditor, Enum4Linux, nslookup, NetScan
Scanning
Nessus, GFI LanGuard, Retina, SAINT, Nexpose
Password Cracking
Ncrack, Cain & Abel, LC5, Ophcrack, pwdump7, fgdump, John the Ripper, RainbowCrack
Sniffing
Wireshark, Ettercap, Capsa Network Analyzer
MiTM Attacks
Cain & Abel, Ettercap
Exploitation
Metasploit, Core Impact
These are the most crucial checklist items you ought to focus on in network penetration testing.