Adversary Lifecycle and Reconnaissance Techniques

FastGrowingSloth

18 Questions

What type of information about the victim's network topology can adversaries gather for targeting purposes?

Physical and logical arrangement of network environments

Which tool can be used for vulnerability scans on the victim's network?

OpenVAS

How can adversaries utilize gathered IP addresses during targeting?

To derive organizational size and physical location

What kind of information might public IP addresses reveal about a victim?

Organizational size and physical location

Which aspect of network topology might adversaries focus on for gathering information?

Arrangement of internal network environments

Which tool can be used to discover IP addresses in a network?

nmap -sP target_ip_range

What type of reconnaissance involves adversaries probing victim infrastructure via network traffic?

Active scanning

Which phase of the adversary lifecycle involves finding weak points and preparing for actions like sending phishing attempts?

Initial Access

Which form of reconnaissance does not involve direct interaction with the victim infrastructure?

Passive scanning

What is the primary purpose of active reconnaissance scans by adversaries?

To gather information for targeting

How do hackers typically leverage information gathered during reconnaissance for post-compromise objectives?

To send phishing attempts

What is the goal of adversaries using public DBs or websites providing OSINT services during the reconnaissance phase?

To gather information for planning Initial Access

What is the main difference between active and passive reconnaissance scans?

Active scans involve probing network traffic, while passive scans do not involve direct interaction.

What is the purpose of scanning IP blocks during network reconnaissance?

To check the compatibility of target host/application with specific exploits.

What is the goal of wordlist scanning during network reconnaissance?

To identify content and infrastructure rather than valid credentials.

Why do adversaries scan victims for vulnerabilities during reconnaissance?

To gather information for targeting purposes.

How do adversaries typically check for vulnerabilities in a target host/application?

By scanning for misconfigurations or outdated software versions.

What distinguishes wordlist scanning from brute force attacks during reconnaissance?

Wordlist scans focus on identifying valid credentials, while brute force attacks aim to uncover content and infrastructure.

Study Notes

Reconnaissance and Active Scanning

  • Adversaries use active reconnaissance scans to gather information about victims during targeting
  • Active scans involve probing victim infrastructure via network traffic, unlike passive scans
  • Scanning IP blocks can help adversaries gather information about victims, including IP addresses allocated to organizations by block or range

Vulnerability Scanning

  • Adversaries use vulnerability scans to identify potential vulnerabilities in victims' systems
  • Scans check if target host/application configurations (e.g., software and version) align with specific exploits
  • Tools like OpenVAS, Nessus, and Metasploit can be used for vulnerability scans

Wordlist Scanning

  • Adversaries use wordlist scanning to identify content and infrastructure using brute-forcing and crawling techniques
  • Wordlists may contain generic, commonly used names and file extensions or terms specific to software
  • Gathered information can be used to plan and execute Initial Access, scope and prioritize post-compromise objectives, or drive further Reconnaissance efforts

Network Information Gathering

  • Adversaries gather information about network topology, including physical and logical arrangements of external-facing and internal network environments
  • Information gathered may include network devices (gateways, routers, etc.) and other infrastructure details
  • Tools like nmap can be used to gather network information, including IP addresses

IP Address Gathering

  • Adversaries gather information about victims' IP addresses, including allocated IP addresses and usage details
  • IP addresses can reveal information about organizational size, physical location, Internet service provider, and publicly-facing infrastructure hosting

Learn about how adversaries leverage gathered information in various phases of the adversary lifecycle, including planning Initial Access and post-compromise objectives. Explore active reconnaissance scanning techniques and the use of gathered information in driving further Reconnaissance efforts.
