Jan
26
In the continuation of our Pentesting 101 series we dive deeper into fingerprinting. During the remainder of this series, we will display nmap screenshots. We recommend reading the command line switches here to familiarize yourself with the information before the next section of the article is released. It’s worth it to take a moment to read the command line switches on this page to familiarize yourself with the upcoming set of screenshots. Read More
Jan
12
So far in the introduction to penetration testing series of articles, we have covered non-intrusive ways of gathering intelligence on a target network. Using Technical and Human OSINT helped create a picture of the target network that is subject to a penetration test through unobtrusive means. If you’re just joining us in this series, we define Technical OSINT as gathering technical data on a target network through tools and web searches. Human OSINT is gathering data on the human aspect of the... Read More
Dec
29
When gathering initial information, penetration testers need to focus on an organization’s human element. In the last article, we covered the technical aspects of Open Source Intelligence or OSINT. OSINT traditionally comes in two different forms, Technical and Human. For penetration tests, it is equally important to know the human aspect of the target network just as well as knowing the technical aspects. Read More
Dec
22
One of the most comprehensive ways to gather Technical OSINT on a penetration testing target is to use a search engine called “Shodan.” Shodan isn’t a normal search engine like Google or DuckDuckGo. What Shodan does is scan the internet for devices.  Read More
Dec
15
IT teams that access dark forums for cyber security intelligence are urged to use caution and practice transparency. While dark markets and the dark web can provide valuable information for cyber security professionals, organizations and individuals need to follow laws and regulations and maintain open lines of communication with law enforcement to avoid major investigative scrutiny. That’s what the DOJ is saying in a recently published report outlining the intricacies of accessing the Dark... Read More
Dec
03
Modern businesses face critical risks from cyber security threats such as phishing, malware and ransomware. Organizations must train employees to detect, respond, manage, and thwart cyber attacks. Cybersecurity awareness training plays a critical role in building a resilient enterprise security infrastructure. Non-technical employees are often the first line of defense for organizations looking to thwart cyber security breaches. Yet, security training is often exclusively confined to... Read More

Subscribe to INE Blog Updates

New Blog Posts!