Info gathering and Vulnerability Identification Flashcards
Recon-ng Modules
Recon modules - for reconnaissance activities;
Reporting modules - for writing results to a file;
Import modules - for importing values from a file into a database table;
Exploitation modules - for exploitation activities;
Discovery modules - for discovery activities.
Open-source web reconnaissance framework written in Python
Recon-ng
CWE basic identifiers
• Weakness ID (e.g., “CWE-941”)
• Description of the weakness
• Extended description of the weakness
• Relationships to other views (e.g., research, development, architectural, etc.)
• Modes of introduction (when the weakness is introduced)
• Applicable platforms (software languages, operating systems, etc.)
• Common consequences (i.e., scope, impact, and likelihood)
• Likelihood of exploit
• Potential mitigations
• Memberships (shows additional categories or views that reference this weakness)
CAPEC domains
- Social engineering: Exploitation and manipulation of people
- Supply chain: Manipulating computer hardware/software within the supply chain lifecycle
- Communications: Communication and protocol exploitation
- Software: Exploitation of software applications
- Physical security: Exploitation of physical security weaknesses (bypass, theft, or destruction)
- Hardware: Exploitation of physical hardware used in computer systems
RTOS common weaknesses
- Denial of service (DoS)
- Code execution
- Overflow
- Memory corruption
- Gain information (information disclosure)
- Gain privileges (privilege escalation)