Network Penetration Testing checklist determines vulnerabilities in the network posture by discovering Open ports, Troubleshooting live systems, and services, and grabbing system banners.
The pen-testing helps the administrator to close unused ports, additional services, Hide or Customize banners, Troubleshoot services and to calibrate firewall rules.
You should test in all ways to guarantee there is no security loophole.
Network penetration testing, also known as ethical hacking or white-hat hacking, is a systematic process of evaluating the security of a computer network infrastructure.
The goal of a network penetration test is to identify vulnerabilities and weaknesses in the network’s defenses that could potentially be exploited by malicious actors.
Let’s see how we conduct a step by step Network penetration testing by using some famous network scanners.
1. Host Discovery
Footprinting is the first and most important phase where one gathers information about their target system.
DNS footprinting helps to enumerate DNS records like (A, MX, NS, SRV, PTR, SOA, and CNAME) resolving to the target domain.
- A – A record is used to point the domain name such as gbhackers.com to the IP address of its hosting server.
- MX – Records responsible for Email exchange.
- NS – NS records are to identify DNS servers responsible for the domain.
- SRV – Records to distinguish the service hosted on specific servers.
- PTR – Reverse DNS lookup, with the help of IP you can get domains associated with it.
- SOA – Start of record, it is nothing but the information in the DNS system about DNS Zone and other DNS records.
- CNAME – Cname record maps a domain name to another domain name.
We can detect live hosts, and accessible hosts in the target network by using network scanning tools such as Advanced IP scanner, NMAP, HPING3, and NESSUS.
Ping&Ping Sweep:
[email protected]:~# nmap -sn 192.168.169.128[email protected]:~# nmap -sn 192.168.169.128-20 To ScanRange of IP[email protected]:~# nmap -sn 192.168.169.* Wildcard[email protected]:~# nmap -sn 192.168.169.128/24 Entire SubnetWhois Information
To obtain Whois information and the name server of a website
[email protected]:~# whois testdomain.com- http://whois.domaintools.com/
- https://whois.icann.org/en
Traceroute
Network Diagonastic tool that displays route path and transit delay in packets
[email protected]:~# traceroute google.comOnline Tools
- http://www.monitis.com/traceroute/
- http://ping.eu/traceroute/
2. Port Scanning
Perform port scanning using tools such as Nmap, Hping3, Netscan tools, and Network monitor. These tools help us to probe a server or host on the target network for open ports.
Open ports are the gateway for attackers to enter and install malicious backdoor applications.
[email protected]:~# nmap –open gbhackers.com To find all open ports[email protected]:~# nmap -p 80 192.168.169.128 Specific Portr[email protected]:~# nmap -p 80-200 192.168.169.128 Range of ports[email protected]:~# nmap -p “*” 192.168.169.128 To scan all portsOnline Tools
- http://www.yougetsignal.com/
- https://pentest-tools.com/information-gathering/find-subdomains-of-domain
3. Banner Grabbing/OS Fingerprinting
Perform banner Grabbing/OS fingerprinting such as Telnet, IDServe, and NMAP determines the operating system of the target host and the operating system.
Once you know the version and operating system of the target, you need to find the vulnerabilities and exploit them. Try to gain control over the system.
[email protected]:~# nmap -A 192.168.169.128r[email protected]:~# nmap -v -A 192.168.169.128 with high verbosity levelIDserve is another good tool for Banner Grabbing.
Online Tools
- https://www.netcraft.com/
- https://w3dt.net/tools/httprecon
- https://www.shodan.io/
4. Scan for Vulnerabilities
Scan the network using Vulnerabilities using GIFLanguard, Nessus, Ratina CS, SAINT.
These tools help us in finding vulnerabilities in the target system and operating systems. With these steps, you can find loopholes in the target network system.
GFILanguard
It acts as a security consultant and offers patch Management, Vulnerability assessment, and network auditing services.
Nessus
Nessus is a vulnerability scanner tool that searches for bugs in the software and finds a specific way to violate the security of a software product.
- Data gathering.
- Host identification.
- Port scan.
- Plug-in selection.
- Reporting of data.
5. Draw Network Diagrams
Draw a network diagram about the organization that helps you to understand the logical connection path to the target host in the network.
The network diagram can be drawn by LANmanager, LANstate, Friendly pinger, and Network View.
6. Prepare Proxies
Proxies act as an intermediary between two networking devices. A proxy can protect the local network from outside access.
With proxy servers, we can anonymize web browsing and filter unwanted content such as ads and many others.
Proxies such as Proxifier, SSL Proxy, Proxy Finder..etc, to hide from being caught.
6. Document all Findings
The last and very important step is to document all the Findings from Penetration testing.
This document will help you in finding potential vulnerabilities in your network. Once you determine the Vulnerabilities you can plan counteractions accordingly.
You can download the rules and scope Worksheet here – Rules and Scope sheet
Thus, penetration testing helps in assessing your network before it gets into real trouble that may cause severe loss in terms of value and finance.
Important Tools used for Network Pentesting
Frameworks
Reconnaisance
Discovery
Port Scanning
Nmap, Megaping, Hping3, Netscan tools pro, Advanced port scannerService Fingerprinting Xprobe, nmap, zenmapEnumeration
Superscan, Netbios enumerator, Snmpcheck, onesixtyone, Jxplorer, Hyena,DumpSec, WinFingerprint, Ps Tools, NsAuditor, Enum4Linux, nslookup, NetscanScanning
Password Cracking
Ncrack, Cain & Abel, LC5, Ophcrack, pwdump7, fgdump, John The Ripper,Rainbow CrackSniffing
Wireshark, Ettercap, Capsa Network AnalyzerMiTM Attacks
Exploitation
Metasploit, Core ImpactYou can follow us on Linkedin, Twitter, and Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep yourself self-updated.
Great article you have nailed it, it is very helpful for me.Thank you…
Thank you for your kind words.Your appreciation means a lot to me.
Good Article. By any chance Can I have the Video Tutorial for this, do you have any Youtube Channel?
Thanks for your Feedback. At this time we were not having any youtube channel.
We are in the process of it and let you know once it was launched.
Please support and follow us.
Perfect Representation, Special thanks for adding DNS records with it…
Thank you. I’m glad to hear this.
You can also do vulnerability scanning with nmap…you don’t really need to use other vulnerability scanners as they generate noise in the network and this can result in you IPO being blocked by a firewall or IPS…nmap contains scripts that can be run stealthily in a network without being detected most times.
Hi Charles,
Thanks for your suggestion, we will add Nmap into the List.
[…] https://gbhackers.com/network-penetration-testing-checklist-examples/ […]
… [Trackback]
[…] Read More: gbhackers.com/network-penetration-testing-checklist-examples/ […]
… [Trackback]
[…] Read More on|Read More|Read More Informations here|Here you can find 82790 additional Informations|Informations on that Topic: gbhackers.com/network-penetration-testing-checklist-examples/ […]
… [Trackback]
[…] Read More here|Read More|Read More Informations here|There you can find 64688 more Informations|Informations on that Topic: gbhackers.com/network-penetration-testing-checklist-examples/ […]
… [Trackback]
[…] Read More here|Read More|Read More Informations here|There you will find 14922 more Informations|Informations to that Topic: gbhackers.com/network-penetration-testing-checklist-examples/ […]
… [Trackback]
[…] Read More on|Read More|Find More Infos here|Here you will find 79758 more Infos|Infos on that Topic: gbhackers.com/network-penetration-testing-checklist-examples/ […]