Learn how to identify the ports and services passively using the information collected by Shodan.
- [Instructor] Shodan is an internet repository…which maintains indexes of the services…presented to the internet…by a vast number of internet servers.…In essence, it's a service directory for the internet.…This can provide a very fast way to identify…the common services that are available on a target…if that target has been indexed by Shodan.…Shodan offers a free community service…and there's a low-cost, one-time paid service.…While free membership restricts the number of results…that we can see,…it's adequate to learn how to use Shodan.…
I have an account and I'm logged in.…Let's assume we have a target, 126.96.36.199,…that we wish to pen test.…We can use Shodan to see whether this server exists…by entering its IP address.…
Okay, we've found the server…and Shodan displays the open TCP services.…We can see that it has ports 80, 143, 443,…and 8090 open.…It's useful to do a quick scan down this information…to see how recently it was added.…We can see that the website response…shows 18th of August 2018.…That's a very recent addition,…
- Using Masscan for rapid full-service scanning
- Passive scanning with Shodan
- Using Nmap scripts
- Scanning with Reconnoitre and Vanquish
- Diagnosing uncommon ports
- Enumerating Drupal, WordPress, and Joomla sites
- Enumerating in the Linux shell
- Using the JAWS PowerShell script
Skill Level Advanced
Penetration Testing: Advanced Kali Linuxwith Malcolm Shore2h 22m Intermediate
Ethical Hacking: Penetration Testingwith Lisa Bock1h 20m Intermediate
Penetration Testing Essential Trainingwith Malcolm Shore2h 29m Intermediate
1. Identifying Services
2. Enumerating Services
3. Enumerating Web Servers
4. Further Enumeration
Enumerating inside Windows4m 41s
What's next1m 39s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.