Book Image

Learning Penetration Testing with Python

By : Christopher Duffy
Book Image

Learning Penetration Testing with Python

By: Christopher Duffy

Overview of this book

Table of Contents (19 chapters)
Learning Penetration Testing with Python
Credits
Disclaimer
About the Author
Acknowlegements
About the Reviewers
www.PacktPub.com
Preface
Index

Creating targeted usernames


When targeting organizations, especially at the perimeter, the easiest way in is to compromise an account. This means that you get at least the basic level of access of that person and can find ways to elevate your privileges. To do that, you need to identify realistic usernames for an organization. The multiple ways to do this include researching of people who work for the organization through sites like http://www.data.com/, https://www.facebook.com/, https://www.linkedin.com/hp/, and http://vault.com/. You can automate some of this with tools like the Harvester.py and Recon-ng, which source Internet exposures and repositories.

This initial research is good, but the amount of time you typically have to do this is limited, unlike malicious actors. So what you can do to supplement the data you find is generate usernames and then verify them against a service port like SMTP with VRFY enabled or Finger. If you find these ports open, especially on the Internet for...