2 hours 37 minutes
Hi, everyone. Welcome back to the course. So in the last video, we talked about the penetration testing methodology, Wheeler. We learned about the different phases. We also talked about what OSINT is.
In this video, we're gonna talk about the different tools that we're gonna cover throughout this course. So all of these are tools that we're gonna use for footprinting.
So as I mentioned, the learning objective is really just understanding, at a high level, these tools, and we'll jump into each one as we actually use it.
So, a quick pre-assessment question: Nmap is used during the footprinting stage of the penetration testing methodology. So I kind of gave this one away in the last video a little bit. So is this gonna be true or false?
All right, so if you answered false, you are correct. If you remember, Nmap is gonna be something that we're gonna use in the scanning portion of the methodology. We wouldn't use it in footprinting because, again, with scanning, we're actually starting to touch our target. Whereas, for the most part, in footprinting we try to maintain a passive approach where we're just using publicly available information.
So, several tools we're gonna cover throughout the course. And again, I've just got some screenshots of what each one looks like, and we'll actually show you the tools throughout the rest of this course. So nslookup, as I mentioned, is a command in the Windows command line, Whois, Shodan, Maltego, different searches, et cetera, et cetera. So let's just jump into these.
So, nslookup. This is one example of a switch, screenshot courtesy of the sis at mons dot co dot UK, their blog over there. But again, we're gonna cover this and actually have you do some hands-on for nslookup. This is just a good way to look up different name servers on our target,
along with IP addresses.
Whois is a great resource. I use this one a lot for different researching. So, for example, here I've just done microsoft.com, and in our lab we'll actually use the ICANN site. There are some different sites. If you Google Whois, you'll find different websites. I prefer the ICANN one. It just seems a little more legit. Of course, they could be selling my information,
but I'm okay with that.
I don't really care about that too much, but the ICANN site, for the most part, is at least relatively safe. So I like to use them. Now, they will make you verify you're not a robot, and we'll talk about that in the lab on how you do that. But you'll see here, just in this quick screenshot, you see we can get some information about Microsoft. We get an address, phone number, a fax machine, fax number.
Um, does anybody really fax anymore? But anyways,
we got an email address, et cetera, et cetera. So there's some good information we get from this publicly available source.
Shodan. It's commonly known as a hacker search engine. We'll get, we'll jump into this. Now, I have a Shodan account that's a paid version. So I'll talk about that as we do the actual lab for this particular thing. But on a free account, you can, you know, you could look up some basic information. Now, you will need to register for the site, so they make you register, make sure you're human,
and then verify your email address. So if you haven't,
if you don't have a Shodan account, just go ahead. You know, you could pause this video, go to shodan.io real quick, or you can just wait till you get to that lab portion of it and then get signed up for an account, get verified. And that way you can actually do the lab.
Search engines. So, you know, well, I'll focus on Google for the search engine that I use, but you can use, you know, Bing, Yahoo, DuckDuckGo, whatever you want to use. Personal preference there. Most people use Google, and that's kind of why I chose that.
Maltego. We'll talk about what that tool is and what it kind of allows you to do. A great tool, by the way, and we'll talk, we'll use a free version, so the Community Edition, in our lab. But there is a paid version. So if you decide you want to work as a penetration tester, I highly recommend that you purchase, or, you know, have your employer hopefully purchase, the paid version of
HTTrack. So we're gonna actually use this for website mirroring. We'll talk about what all that is in the actual lab.
theHarvester is another tool we're gonna use that could give us information about, uh, you know, against the domain, so we could find out publicly, publicly available information. We can also find information from Shodan on that particular domain as well.
Recon-ng is another popular tool that's used in footprinting.
As I mentioned, we're gonna cover, like, social media, and then kind of along those lines with that, social engineering as well. You know, our lab will be kind of split, so we'll, we'll look at a target on social media. And then we'll also do a lab where we do more of the social engineering, the phishing aspect. So we'll use the Social Engineering Toolkit in that second.
So, a couple post-assessment questions here. So, question number one: This tool can give you a visual map of the target and associated information.
So I didn't specifically state this, but from the visuals in all the previous slides, which one do you think kind of gives you that visual map of a target
If you guessed, if you guessed answer B, Maltego, you are correct. Again, that was the only one that kind of looked like a map. Most of the other things we were looking at were command line tools. So again, Recon-ng is a command line tool, Shodan, and Google Dorking. So Google Dorking, which we'll cover when we do the Google Hacking Database stuff,
Google Dorking is basically just using different commands to search Google, right? So
I'm trying to search for particular things. And then, of course, we talked about Shodan being the hacker search engine. So it shows you
various potentially vulnerable devices out of the way. So things, you know, like your camera, your home router, those sorts of things.
All right, so our second question here: In the course, we will use this tool to mirror a website. So I actually did mention this one. Which one do you think that is?
Parts. If you guessed the last answer there, HTTrack, you are correct. So, again, HTTrack is a tool we're gonna use to mirror a website. We'll talk about what that actually is when we go to that lab. And then, you know, again, Maltego, Recon-ng, and then Whois. The ICANN site that I showed you, that website, is the one I use for my Whois lookups, and again, that's gonna show us things about the particular domain.
You know, for a phone number, address, fax number, email address.
All right. So in this video, we covered the tools that we're gonna cover throughout this course. Again, we just hit them at a very high level, and in the next video, we're actually gonna, I'm actually gonna show you where you can go to get VirtualBox for download as well as Kali Linux. So I'll show you both spots. Now, again, I'm not gonna show you the actual installation of those. It's a very, fairly straightforward process.
And if you need help with that at all,
uh, you can, you can ping me. But the best route is actually just going to YouTube and searching for your particular device type. So whether you're running Mac, Linux, Windows, and, you know, if you're running like a Dell computer or MacBook Pro or, you know, whatever the case might be, look up your particular machine. That way you can get the best troubleshooting for your particular machine and not
have to go through a lot of frustrating moments.
I also look forward to seeing you in the next video