Ethical Hacking

Cyber Reconnaissance Assessment

This was my capstone project for my Bachelor's Degree: I participated in and contributed to a Reconnaissance of Idaho Government Systems alongside, and sanctioned by, the Idaho Army National Guard. This project involved:

  • Reconnaissance of the partner's network.
  • Scanning and Enumeration of vulnerable targets.
  • Debrief for the partner executives.

The project took place over 5 days, with my group working for 4 hours each day. The primary objective of this project was the live training of tools to perform Reconnaissance on the partner network and provide results of any possible attack vectors we came across. The tools used during this project were Wireshark, Nmap / Zenmap and Ping Castle.

  • Phase: Passive Reconnaissance
  • Tool used: Wireshark
  1. During this phase we were undetectable in the partner network. This tool was invaluable for setting up a network mapping of the environment and giving us a solid direction for what targets to focus on in the next phases. This tool allowed us to enumerate 3 subnets on our slice of the pie to investigate and to identify which assets were the domain controllers.
  • Phase: Active Reconnaissance
  • Tool Used: Nmap / Zenmap
  1. During this phase we started with stealth scans and were making little noise, only to later turn up the heat so the blue team could see what the traffic looked like. We used Zenmap and Nmap to further enumerate the targets we decided on in the passive reconnaissance phase, allowing us to begin to plan on what our potential targets would be.
  • Phase: Target Validation and Vulnerability Reporting
  • Tool Used: Ping Castle
  1. In this phase we used Ping Castle to further validate information we had on our targets and to paint a large picture of the flaws that were seen within the environment. Using this tool we were able to validate the issues we identified in the first two phases, and even more, as the tool scans entire domains.
  • Phase: Reporting to stakeholders
  • Tool Used: Presentation Skills and Applications
  1. Using the total findings from the 5-day assessment period, we were required to compile the information on the issues we found from reconnaissance. This brief included various stakeholders in the partner environment as well as sponsor representatives.