Recon in Red Team Engagements – Digitalmunition





This topic contains 1 reply, has 2 voices, and was last updated by  silverslides 1 month, 1 week ago.

  • #278388

    anonymous
    Participant

    Hey everyone,

    How are you guys performing stealthy scanning in red team engagements or ‘quietly’ once an initial foothold has been gained on a network?

    I’ve heard a few different things, from avoiding nmap and using masscan at an extremely slow rate to using nmap and only targeting a limited range of ports with a stealth scan. Thought it’d be best to ask everyone here what their methods are for performing stealthy scans and avoiding detection on internal engagements.

  • #278389

    silverslides

    I don’t know them by heart, but some scanning is possible with PowerShell, netcat, telnet, curl, wget.

  • #278390

    dantose

    First foothold into a network? Go passive first. netneighbors and hosts file.
