Target discovery and information gathering

As the Penetration testing methodology it is needed to be used the Open Source Security Testing Methodology Manual in the industry.

What is Open Source Security Testing Methodology Manual (OSSTMM)?

The Open Source Security Testing Methodology Manual (OSSTMM) is an open standard methodology for security tests. Developed by Pete Herzog at the end of 2000 as an ethical hacking framework, it has rapidly grown to become a methodology to assure security at operational level. Version 3, released in 2008, encompasses tests for every security aspect: from personnel qualification to physical security, from control of communication to electronic systems safety. As every standard methodology, it is designed to be consistent and repeatable. Moreover, it is openly available and thus allows a free dissemination and free use.

Gathering information

First it is used the whois database to gather client data.



Next  found the DNS information using the host program and used the same command with -a to see any type of information.





Using dnsenum we found the sub domains of the main domain To collect information from a DNS server, we can utilize dnsenum. The DNS information that can be gathered is as follows:
  • The host IP addresses
  • The DNS server of a domain
  • The MX record of a domain




Next using fierce we scanned to locate non-contiguous IP space and hostnames. The fierce tool is a DNS enumeration tool that uses several techniques to find all of the IP addresses and hostnames of a target.



Next using the deep magic information gathering tool we gathered more information.





Also using deep magic tool we gathered information on port details.



It traced the TCP route form host machine to using tcptraceroute tool.



Then used the TheHarvester tool to gather emails, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers and SHODAN computer database.

12 (1)




S.H.M Lahiru Prabath Balasuriya.













Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s