At this point, we discussed several methods necessary to enumerate a network. We used our virtual lab so that we can test these methods and gain the experience necessary to perform these actions on live networks.

You should have a good understanding of the tools and techniques available to you such as onesixtyone for SNMP brute forcing or Nmap for network scanning. With the power of PBNJ data, we determined that it is simple to get a baseline of the network in MySQL format and then use that data to quickly select the right targets for the next stage of our penetration testing.

We introduced our first reader challenge and provided two example challenges for you to pursue at your convenience.

In the next chapter, we will dive into the topic of exploitation. You will be introduced to compiling or rewriting proof of concept (PoC) exploit code from the web, using Metasploit, cracking passwords, and manually exploitating remote vulnerabilities.