Weeks 3 & 4: Diving Deeper into Recon, Enumeration, and Networking

Ebenezer EveroEbenezer Evero
3 min read

The past two weeks have been a mix of challenges and progress. In Week 3, I explored Active Reconnaissance, Enumeration, and Social Engineering Attacks, while Week 4 was a bit slow due to university resumption. However, I focused on Networking Fundamentals and Web Application Exploitation to strengthen my understanding before moving forward.


Week 3: Active Reconnaissance & Enumeration

In Week 2, I stopped at Passive Reconnaissanceβ€”gathering intel without directly interacting with the target. Week 3 took things further with Active Reconnaissance, where I began directly probing systems for vulnerabilities. This was my first deep dive into Nmap scanning techniques:

πŸ”Ž Nmap Scanning Techniques

πŸ”Ή SYN Scan (-sS) – Checks for open TCP ports by sending SYN packets. πŸ”Ή TCP Connect Scan (-sT) – Default scan that establishes a full TCP connection. πŸ”Ή UDP Scan (-sU) – Probes UDP ports, useful for scanning DNS, SNMP, DHCP servers. πŸ”Ή TCP FIN Scan (-sF) – Attempts to bypass firewalls by sending FIN packets. πŸ”Ή Host Discovery Scan (-sn) – Identifies live hosts on a network. πŸ”Ή Timing Options (-T0 to -T5) – Adjusts scan aggressiveness (stealthy to aggressive).

Beyond scanning, I also learned Enumeration Techniques, crucial for uncovering system details:

πŸ” Enumeration Techniques

βœ… Host Enumeration – Identifying active devices. βœ… User & Group Enumeration – Extracting system users and groups. βœ… Network Share Enumeration – Finding shared resources on networks. βœ… Web Application Enumeration – Discovering site structure, directories, and subdomains. βœ… Service Enumeration – Finding running services, open ports, and vulnerabilities. βœ… Packet Crafting for Enumeration – Customizing network packets to probe systems stealthily.

πŸ›‘οΈ Analyzing Vulnerabilities

To make sense of scan results, I explored vulnerability databases like:

  • US-CERT

  • NIST

  • CVE (Common Vulnerabilities and Exposures)

  • CWE (Common Weakness Enumeration)

  • CVSS (Common Vulnerability Scoring System)

I learned how to determine if a vulnerability is worth reporting or exploiting based on severity, risk, and impact.

🎭 Social Engineering Attacks

To complement technical reconnaissance, I explored Social Engineering tactics:

πŸ”Ή Phishing (Email, Spear Phishing, Whaling, Vishing, SMS phishing) πŸ”Ή Pretexting & Impersonation πŸ”Ή Watering Hole Attacks πŸ”Ή Physical Attacks (Tailgating, Dumpster Diving, Shoulder Surfing, Badge Cloning)

I also performed hands-on labs to test scanning, enumeration, and phishing techniques in controlled environments.


Week 4: Networking & Web Exploitation

With university resuming, my schedule got tighter, but I focused on Networking Basics to strengthen my foundation before diving deeper into Wi-Fi and network-based exploitation.

🌐 Networking Fundamentals

βœ… OSI Model & Data Transmission βœ… Network Addresses & CIDR Notation βœ… Hubs, Switches, and ARP βœ… Routers & Setting up SOHO Networks βœ… VPNs & Secure Tunneling βœ… Essential Networking Commands for Troubleshooting

Additionally, I covered Remote Support & Administration:

πŸ”Ή SSH (Secure Shell) – Remote access to Linux servers. πŸ”Ή RDP & VNC – Remote desktop management for Windows & Linux. πŸ”Ή Third-Party Remote Support Tools – Best practices for secure remote connections. πŸ”Ή Phone Support Tips & Tricks – Handling technical issues over calls.

πŸ’» Web Application Exploitation & Bug Bounty Hunting

As I began exploring Web App Exploitation, I decided to strengthen my approach by studying Bug Bounty Hunting. To aid my learning, I added the book "Bug Bounty Bootcamp" to my resources. My focus includes:

πŸ”Ή Web Reconnaissance & Subdomain Enumeration πŸ”Ή Finding Security Misconfigurations πŸ”Ή Identifying Common Web Vulnerabilities (XSS, SQL Injection, CSRF, etc.) πŸ”Ή Analyzing Web Requests & Responses πŸ”Ή Automating Web Scans with Burp Suite & Nikto


Next Steps πŸš€

βœ”οΈ Complete Networking & Security in TCM’s Practical Help Desk Course.
βœ”οΈ Dive deeper into Wi-Fi & Network Exploitation after mastering networking.
βœ”οΈ Progress in Web Application Security & Bug Bounty Hunting.
βœ”οΈ Continue performing practical labs & CTF challenges.

0
Subscribe to my newsletter

Read articles from Ebenezer Evero directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Written by

Ebenezer Evero
Ebenezer Evero

Hi, I’m Ebenezer Evero Ighozino, an aspiring penetration tester and cybersecurity enthusiast documenting my journey from beginner to ethical hacker. I started my cybersecurity journey with a passion for ethical hacking but struggled to find the right roadmap. Now, I’m learning network security, vulnerability management, penetration testing, and incident responseβ€”one step at a time. Through this blog, I share weekly insights, hands-on projects, and lessons learned, helping others navigate the cybersecurity space. Whether you're a beginner or looking for motivation, let's learn, hack, and grow together! πŸš€ πŸ”Ή Current Focus: Cybersecurity Fundamentals, Ethical Hacking, and Capture The Flag (CTF) Challenges.