Put yourself in the shoes of an attacker for a moment. Do you believe you would

Question

Put yourself in the shoes of an attacker for a moment. Do you believe you would be following a methodology like the OSSTMM or the Pentesting Execution Standard? Would you use a more rudimentary identify, scan, enumerate, attack methodology? Would you use no methodology at all other than blindly launching attacks in hopes of having something stick? Explain your decision and consider what sort of attacker might use which approach if there is a difference. Provide at least 2 resources to support your response

Explanation / Answer

The attackers can be classified as –

(a) Ethical hacker (a certified hacker who uses penetration testing techniques),

(b) Joyriders (attacker is doing it for amusement),

(c) Accidental attacker (network administrator),

(d) Spies (want to steal information to sell it later),

(e) Destructors (want to ruin computer systems, delete data), etc.

Being an attacker, one would like to try all the possible methodologies or no methodology at all. But, the choice depends on the type of attacker.

Different methodologies can be used by the attacker depending on the type of attacker.  

Related Questions

Navigate

• Browse (All)
• Browse P
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.