Phase 2 - Enumeration - Finding attack vectors
During the Enumeration, possible entry points into the company network are identified. This builds in particular on the information collected during the previous phase, the Reconnaissance.
Planning phase
In contrast to Reconnaissance, during Enumeration the pentester actively queries specific systems to gather as much information about them as possible. This ranges from the obligatory port scan, through direct querying of individual services to collect information, to the identification of specific security weaknesses of the tested company, such as publicly accessible areas, radio links between separate buildings, or access control systems.
Discovering weaknesses
Enumeration means searching for information that identifies individual systems and network components, while examining the system as a whole. This is what gives the pentest its practical relevance: even if a system appears to be technically secure, serious security weaknesses may still exist. One example is a technically sound password protection that becomes worthless the moment an attacker can watch through a window as a user enters the password. During the Enumeration, the pentester gathers a number of potential flaws, which are then verified or disproved in the Exploitation phase.
The toolbox
RedTeam Pentesting uses a broad variety of software and specialised hardware. On the software side, free and commercial as well as self-developed programs are available. On the hardware side, devices such as keyloggers or specialised WLAN hardware are used. But hardware and software are only the toolbox of the penetration tester. A successful penetration test lives from the know-how and creativity of the pentester. For the Enumeration, as preparation for the actual attack, it is essential to find access possibilities on the systems under test in a creative way. Often, these possibilities remain unknown for years and pose a great risk precisely because of their simplicity. RedTeam Pentesting works in a highly team-based environment in order to bundle and apply the creativity of the individual pentesters in the best possible way. Especially for Enumeration, this approach pays off for the customer.
All potential problems identified in this phase are then verified in the next step. Only now are actual attacks conducted, in the context of the collected data; this phase is called Exploitation.