Ethical Hacking: Enumeration Practice (Journal 1)

We were given an assignment and was asked to fulfil the following:

  1. Network and IP Space pentest.id
  2. Enumeration User hackme.pentest.id
  3. Enumeration User Email @pentest.id

 

We were recommended to use the following tools:

  1. wpscan
  2. jooscan
  3. TheHarvester
  4. Google
  5. Nmap

 

The following is my solution:

 

Network and IP Space pentest.id

I used theharvester to check any hostnames IPs available.
I typed the following in terminal:

 

 No need to worry about the “warning” because it is just telling us that theHarvester does not work in any site that has ssl.

The function of -d is to search for any domain or name of a company.
The function of -b is to choose the data source such as bing, google, twitter, etc.


After typing “theharvester -d pentest.id -b google”, I received the results as the following:

 

Enumeration User hackme.pentest.id

I used wpscan to enumerate user from hackme.pentest.id and typed the following:

” –url ” is used to scan the url of the blog we want to scan.

” –enumerate u ” means enumerating users.

 

It produced the result as the following:

 

Enumeration User Email @pentest.id

I used theharvester and typed “theharvester -d pentest.id -b gooogle”, but unfortunately there was no email found.

This entry was posted in Ethical Hacking and Penetration Testing Journal. Bookmark the permalink.

Leave a Reply

Your email address will not be published.