Trust and Awareness Hijacking

This is a good place to review what an attacker has been able to accomplish so far by performing the attacks that have been discussed throughout this chapter. This will help you to see the information in your newly developed arsenal clearly, and then we can discuss how to use this information to carry out deadly attacks via trust manipulation.

Passive profiling and intelligence scouting demonstrate how you can gather detailed information relating to the organization, including products and services, policies, finances, and external business relationships. You can also gather specific personnel details consisting of individuals' personal information, skills, and internal and external relationships. System enumeration unveils in-depth technical information allowing you to discover the organization's internal workings.

Active web application enumeration allows you to enumerate, access, and fingerprint the organization's web applications, as well as bypass security controls. This allows you to discover low-level, technical information about internal systems, as well as some of the vulnerabilities associated with them. You can then attack and exploit the web applications and web services to attempt to compromise web applications and hosts.

Was this article helpful?

0 0
The Ultimate Computer Repair Guide

The Ultimate Computer Repair Guide

Read how to maintain and repair any desktop and laptop computer. This Ebook has articles with photos and videos that show detailed step by step pc repair and maintenance procedures. There are many links to online videos that explain how you can build, maintain, speed up, clean, and repair your computer yourself. Put the money that you were going to pay the PC Tech in your own pocket.

Get My Free Ebook


Post a comment