Enumeration in computer security, is a phase or process to creates active connections to system and performs direct queries to gain more information about the target.
There are quite a number of techniques to perform enumeration. For examples, some sites use Wordpress and the default admin credentials could be a way to gain more information, if the default credentials are still intact; brute force techniques to find valid user name; using tools like SuperScan to detect open ports on a target computer; and so on.
With this further information, a hacker could proceed to plan for the system hacking. This is one of the step in pre-attack phase.
Further reads:
- https://resources.infosecinstitute.com/what-is-enumeration/
- https://resources.infosecinstitute.com/process-scanning-and-enumeration/
No comments:
Post a Comment