Enumeration
Enumeration is a process during information gathering where attackers gather very specific information. Unlike passive information gathering, during enumeration, an attacker actively connects to a target and collects specific information. Since the attacker is connected to the target, the attacker can send direct queries to the target to collect specific information, which is useful to exploit a system to gain system access. During the enumeration phase, attackers will try to gather information such as the following:
- Users and group names
- Network and file shares
- Computer names
- Application-related information or banners
- Routing and Address Resolution Protocol (ARP) tables
- DNS information
- User lists from web applications and Active Directory (AD)
Enumeration is an important phase and attackers use a range of techniques to enumerate targets. Depending on the target, attackers change the technique as well. The most common enumeration techniques...
