Internal Pentest Template

Scope

Generate IP list from IP range

prips mySubnetRange

Operations Checklist

1. Enumerate interesting assets in the infrastructure

Domain Controllers

Command(s)

sudo masscan -iL myIPListFile -p88,636 --rate 100 -oG scans/internal_lan/masscan/internal_lan_dc_discovery_masscan.scan -v -e myNetworkInterface --router-ip myGatewayIP
sudo masscan -iL myIPListFile -p139,389,636,9389,3268,3269 --rate 100 -oG 10.0.0.0-8_dc_discovery_masscan.scan -v -e myNetworkInterface --router-ip myGatewayIP
dig @yourDomainControllerIP yourDomain.local

Value(s)

TODO: Add the IPs of the Domain Controller servers
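
One way to turn the masscan result files from the commands above into the Domain Controller value list, as an added example that is not part of the original template. It assumes masscan's grepable (-oG) line layout described in the comments; the function names and the sample addresses are made up for this example.

```shell
#!/bin/sh
# Added example, not part of the original template.
# Assumed -oG layout: one open port per line, "Host: <ip> ()" and
# "Ports: <port>/open/tcp/...", optionally preceded by "Timestamp: <epoch>".

# Usage: dc_candidates scan1.scan [scan2.scan ...]   (reads stdin if no files)
# Prints hosts that answered on Kerberos (88) AND on an LDAP / Global Catalog
# port (389, 636, 3268, 3269) in any of the given result files.
dc_candidates() {
    awk '
        /^#/ { next }                      # masscan header and footer comments
        {
            ip = ""; port = ""
            for (i = 1; i < NF; i++) {
                if ($i == "Host:") ip = $(i + 1)
                if ($i == "Ports:") {
                    split($(i + 1), p, "/")
                    if (p[2] == "open") port = p[1]
                }
            }
            if (ip == "" || port == "") next
            if (port == 88) kerberos[ip] = 1
            if (port ~ /^(389|636|3268|3269)$/) ldap[ip] = 1
        }
        END { for (ip in kerberos) if (ip in ldap) print ip }
    ' "$@" | sort -t . -k1,1n -k2,2n -k3,3n -k4,4n
}

# Constructed sample results (documentation addresses), both line layouts.
sample_scan() {
    printf '# Masscan sample, constructed for this example\n'
    printf 'Timestamp: 1700000000\tHost: 192.0.2.10 ()\tPorts: 88/open/tcp////\n'
    printf 'Timestamp: 1700000001\tHost: 192.0.2.10 ()\tPorts: 636/open/tcp////\n'
    printf 'Host: 192.0.2.9 ()\tPorts: 3268/open/tcp////\n'
    printf 'Host: 192.0.2.9 ()\tPorts: 88/open/tcp////\n'
    printf 'Host: 192.0.2.11 ()\tPorts: 88/open/tcp////\n'
    printf 'Host: 192.0.2.11 ()\tPorts: 389/open/tcp////\n'
    printf 'Host: 192.0.2.20 ()\tPorts: 389/open/tcp////\n'   # LDAP only
    printf 'Host: 192.0.2.30 ()\tPorts: 139/open/tcp////\n'   # NetBIOS only
}

sample_scan | dc_candidates
```

Because masscan writes one line per open port, the function merges results per host across all files passed to it, so a host seen on port 88 in one scan and on 389 in the other is still listed.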

Windows Exchange Server

Command(s)

sudo masscan 10.0.0.0/8 -p587 --rate 10000 -oG 10.0.0.0-8_exchange_discovery_masscan.scan -v -e myNetworkInterface --router-ip myRouterIP

Value(s)

TODO: Add the IPs of the Exchange servers

Launch Gowitness to get screenshots of web portals

gowitness file -f myScopeFile -P ./scans/gowitness
