The penetration test follows the Open Source Security Testing Methodology Manual (OSSTMM), the methodology that is required to be used in the industry.
What is Open Source Security Testing Methodology Manual (OSSTMM)?
The Open Source Security Testing Methodology Manual (OSSTMM) is an open standard methodology for security tests. Developed by Pete Herzog at the end of 2000 as an ethical hacking framework, it has rapidly grown into a methodology for assuring security at the operational level. Version 3, released in 2008, encompasses tests for every security aspect: from personnel qualification to physical security, from control of communication to electronic systems safety. Like every standard methodology, it is designed to be consistent and repeatable. Moreover, it is openly available and thus allows free dissemination and free use.
First, the whois database was used to gather client data.
Next, the DNS information was found using the host program, and the same command was run with -a to see records of any type.
Using dnsenum we found the subdomains of the main domain http://www.@@@.lk. To collect information from a DNS server, we can utilize dnsenum. The DNS information that can be gathered is as follows:
- The host IP addresses
- The DNS server of a domain
- The MX record of a domain
Next, using fierce we scanned @@@.lk to locate non-contiguous IP space and hostnames. The fierce tool is a DNS enumeration tool that uses several techniques to find all of the IP addresses and hostnames of a target.
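The records that host, dnsenum and fierce return are only useful once they are grouped: the point of "non-contiguous IP space" is that some hostnames resolve into address blocks other than the one the main site lives in, and those are the hosts a defender most often forgets to include in the assessed scope. The following is an added example, not part of the original report or of any of the tools named above; it parses resource-record lines in the style of the `host -a` answer section for a hypothetical domain example.lk (a placeholder standing in for the report's @@@.lk), groups the A records by /24 network and reports every host that falls outside the block holding most of them. The sample records are constructed.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample output in the style of `host -a` answer lines for the
# hypothetical domain example.lk (placeholder for the report's @@@.lk).
SAMPLE_RECORDS = """\
www.example.lk.     3600 IN A  203.0.113.10
mail.example.lk.    3600 IN A  203.0.113.25
example.lk.         3600 IN MX 10 mail.example.lk.
example.lk.         3600 IN NS ns1.example.lk.
ns1.example.lk.     3600 IN A  203.0.113.2
dev.example.lk.     3600 IN A  198.51.100.77
vpn.example.lk.     3600 IN A  198.51.100.78
old.example.lk.     3600 IN A  192.0.2.200
"""

# owner name, TTL, class IN, record type, record data
RECORD_RE = re.compile(r"^(\S+)\.\s+\d+\s+IN\s+(A|MX|NS)\s+(.+?)\s*$")


def parse_records(text):
    """Parse resource-record lines into (name, type, value) tuples.

    Lines that do not look like an A, MX or NS record are skipped, so the
    function can be fed the raw answer section including headers and blanks.
    """
    records = []
    for line in text.splitlines():
        m = RECORD_RE.match(line.strip())
        if not m:
            continue
        name, rtype, value = m.groups()
        if rtype == "MX":
            # drop the preference number and keep only the exchange host
            value = value.split()[-1]
        records.append((name, rtype, value.rstrip(".")))
    return records


def hosts_by_network(records, prefix=24):
    """Group A-record hostnames by the IPv4 network (default /24) their address falls in."""
    groups = defaultdict(list)
    for name, rtype, value in records:
        if rtype != "A":
            continue
        net = ipaddress.ip_network(f"{value}/{prefix}", strict=False)
        groups[net].append(name)
    return dict(groups)


def noncontiguous_hosts(records, prefix=24):
    """Return {network: [hosts]} for every network other than the one holding
    most A records: the 'non-contiguous IP space' a fierce-style scan reports."""
    groups = hosts_by_network(records, prefix)
    if not groups:
        return {}
    primary = max(groups, key=lambda n: len(groups[n]))
    return {net: names for net, names in groups.items() if net != primary}


if __name__ == "__main__":
    recs = parse_records(SAMPLE_RECORDS)
    for net, names in sorted(hosts_by_network(recs).items(), key=lambda kv: str(kv[0])):
        print(f"{net}: {', '.join(names)}")
    print("outside the primary block:")
    for net, names in noncontiguous_hosts(recs).items():
        print(f"  {net}: {', '.join(names)}")
```

Feeding the real answer section into `parse_records` instead of the constructed sample is the only change needed; the hosts listed under "outside the primary block" are the ones to reconcile against the asset inventory before the scope of the test is agreed.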
Next, using the Deepmagic Information Gathering Tool we gathered more information.
Using the same tool we also gathered information on port details.
The TCP route from the host machine to http://www.@@@.lk was traced using the tcptraceroute tool.
Then the theHarvester tool was used to gather emails, subdomains, hosts, employee names, open ports and banners from different public sources such as search engines, PGP key servers and the SHODAN computer database.
S.H.M Lahiru Prabath Balasuriya.