- Mastering Kali Linux for Advanced Penetration Testing(Second Edition)
- Vijay Kumar Velu
- 128字
- 2021-07-02 21:04:14
Obtaining user information
Many penetration testers gather usernames and email addresses, as this information is frequently used to log on to targeted systems.
The most commonly employed tool is the web browser, which is used to manually search the target organization's website as well as third-party sites such as LinkedIn or Jigsaw.
Some automated tools included with Kali Linux can supplement manual searches.
Email addresses of former employees can still be of use. When conducting social engineering attacks, directing information requests to a former employee usually results in a redirect that gives the attacker the credibility of having dealt with the previous employee. In addition, many organizations do not properly terminate employee accounts, and it is possible that these credentials may still give access to the target system.
推薦閱讀
- Learn Swift by Building Applications
- Spring Boot企業級項目開發實戰
- 自然語言處理Python進階
- 單片機C語言程序設計實訓100例
- Unity UI Cookbook
- 一塊面包板玩轉Arduino編程
- Spring技術內幕:深入解析Spring架構與設計原理(第2版)
- C++ Application Development with Code:Blocks
- Python程序設計教程
- Mastering ASP.NET Core 2.0
- 實驗編程:PsychoPy從入門到精通
- Apache Solr for Indexing Data
- Switching to Angular 2
- Getting Started with Hazelcast
- Mastering Responsive Web Design