Ettercap is extremely effective at credential harvesting in unencrypted traffic like telnet, FTP, SSHv1, and many others. From there, Ettercap can sniff and intercept traffic as well as potentially exploiting traffic flowing from the infected hosts through the hop point. Ettercap uses ARP cache poisoning to attack other hosts on the network. Ettercap is an excellent tool for such an occasion. If the penetration testing target is exclusively Windows, using Covenant C2 might be worth it.įrom the initial compromise, other actions can be taken such as man-in-the-middle attacks. Covenant is heavily focused on Active Directory and Windows-based networks rather than being the “jack of all trades” like Metasploit. It is a PowerShell based framework like Metasploit and can run on Kali Linux. Covenant picked up where PowerShell Empire left off. There are other frameworks out there that work similar to Metasploit, like Covenant. In some networks, it might not be feasible to use Metasploit for the penetration test engagement. In Part 2, we will cover other tools to use during a penetration test as well as troubleshooting techniques. In Part 1 of Pentesting 101: Surveying, we discussed the Metasploit framework and how to create a database of network and host information in addition to how you can route packets and connections through a host.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |