Enumeration (Attack Vectors)

Enumeration Phase

The enumeration phase is the phase where the information of the reconnaissance phase will be in use the first time. The enumeration procedure impacts for example active actions taken by cyber attackers to gain system access and of course the important attack vectors or schemes. Information and Data captured through the reconnaissance phase build an review and overview about the target company. In special later test cases or topics the captured information plays a significant role in the enumeration or exploitation phase.

During enumeration phase, date and information will be systematically captured or tracked. In special cases individual systems, infrastructures or environments are complete identified by our security team during the enumeration phase simulation.

Enumeration ... ?!

An enumeration of a collection of items is a complete, ordered listing of all of the items in that collection. The term is commonly used in mathematics and theoretical computer science to refer to a listing of all of the elements of a set. In statistics the term categorical variable is used rather than enumeration. The precise requirements for an enumeration (for example, whether the set must be finite, or whether the list is allowed to contain repetitions) depend on the branch of mathematics and the context in which one is working. Some sets can be enumerated by means of a natural ordering (such as 1, 2, 3, 4, ... for the set of positive integers), but in other cases it may be necessary to impose a (perhaps arbitrary) ordering. In some contexts, such as enumerative combinatorics, the term enumeration is used more in the sense of counting – with emphasis on determination of the number of elements that a set contains, rather than the production of an explicit listing of those elements.

Next Phase Exploitation

After the reconnaissance and the enumeration -phase, we are prepared for the exploitation phase. Watch as next step the exploitation phase information.

Additional Images: 

Languages

Syndicate

Subscribe to Syndicate

 

© Evolution Security GmbH - IT Security Services | 2024
#PenTesting #PenTest #Penetrationstest #Whitebox #Blackbox #Infosec #Germany
#Kassel #Hessen #Deutschland #Itsec #Audit #Awareness #Europe #International