Scanning and examining targets for reconnaissance
Scanning is an essential part of testing AWS. It shows you the overall posture of your instances and their environment, including the open ports, vulnerabilities, and service versions that an attacker may be able to exploit easily. As we move through this book, we will use more and more scanning techniques to enumerate and exploit services.
In a real pentesting scenario, you would typically have a list of assets that need to be scanned – unless this is a black-box assessment, in which case you would not know any information about the network. You would then take the list of assets and scan them with various tools. If you use a tool such as Nmap, your primary mission would be to discover open ports and services. Ports give us different avenues into systems, and the services running on them can sometimes give us an easy way in if the service is vulnerable and...