Internal Pentest Template

Scope

Generate IP list from IP range

prips mySubnetRange

Operations Checklist

1. Enumerate interesting assets in the infrastructure

Domain Controllers

Command(s)

sudo masscan -iL myIPListFile -p88,636, --rate 100 -oG scans/internal_lan/masscan/internal_lan_dc_discovery_masscan.scan -v -e myNetworkInterface --router-ip myGatewayIP

sudo masscan -iL myIPListFile -p139,389,636,9389,3268,3269 --rate 100 -oG 10.0.0.0-8_dc_discovery_masscan.scan -v -e myNetworkInterface --router-ip myGatewayIP

dig @yourDomainControllerIP yourDomain.local

Value(s)

TODO: Add IP from the Domain Controllers servers

Windows Exchange Server

Command(s)

sudo masscan 10.0.0.0/8 -p587 --rate 10000 -oG 10.0.0.0-8_exchange_discovery_masscan.scan -v -e myNetworkInterface --router-ip myRouterIP

Value(s)

TODO: Add IP from the exchange servers

Launch Gowitness to get screenshots of web portal

gowitness file -f myScopeFile -P ./scans/gowitness

PreviousTemplates NextLinux Basic Commands

Last updated 4 years ago

hashtagScope

hashtagGenerate IP list from IP range

hashtagOperations Checklist

hashtag1. Enumerate interesting assets in the infrastructure

hashtagDomain Controllers

hashtagWindows Exchange Server

hashtagLaunch Gowitness to get screenshots of web portal

Scope

Generate IP list from IP range

Operations Checklist

1. Enumerate interesting assets in the infrastructure

Domain Controllers

Windows Exchange Server

Launch Gowitness to get screenshots of web portal