Weeks 3 & 4: Diving Deeper into Recon, Enumeration, and Networking

Ebenezer EveroEbenezer Evero
3 min read

The past two weeks have been a mix of challenges and progress. In Week 3, I explored Active Reconnaissance, Enumeration, and Social Engineering Attacks, while Week 4 was a bit slow due to university resumption. However, I focused on Networking Fundamentals and Web Application Exploitation to strengthen my understanding before moving forward.

Week 3: Active Reconnaissance & Enumeration

In Week 2, I stopped at Passive Reconnaissanceβ€”gathering intel without directly interacting with the target. Week 3 took things further with Active Reconnaissance, where I began directly probing systems for vulnerabilities. This was my first deep dive into Nmap scanning techniques:

πŸ”Ž Nmap Scanning Techniques

πŸ”Ή SYN Scan (-sS) – Checks for open TCP ports by sending SYN packets. πŸ”Ή TCP Connect Scan (-sT) – Default scan that establishes a full TCP connection. πŸ”Ή UDP Scan (-sU) – Probes UDP ports, useful for scanning DNS, SNMP, DHCP servers. πŸ”Ή TCP FIN Scan (-sF) – Attempts to bypass firewalls by sending FIN packets. πŸ”Ή Host Discovery Scan (-sn) – Identifies live hosts on a network. πŸ”Ή Timing Options (-T0 to -T5) – Adjusts scan aggressiveness (stealthy to aggressive).

Beyond scanning, I also learned Enumeration Techniques, crucial for uncovering system details:

πŸ” Enumeration Techniques

βœ… Host Enumeration – Identifying active devices. βœ… User & Group Enumeration – Extracting system users and groups. βœ… Network Share Enumeration – Finding shared resources on networks. βœ… Web Application Enumeration – Discovering site structure, directories, and subdomains. βœ… Service Enumeration – Finding running services, open ports, and vulnerabilities. βœ… Packet Crafting for Enumeration – Customizing network packets to probe systems stealthily.

πŸ›‘οΈ Analyzing Vulnerabilities

To make sense of scan results, I explored vulnerability databases like:

  • US-CERT

  • NIST

  • CVE (Common Vulnerabilities and Exposures)

  • CWE (Common Weakness Enumeration)

  • CVSS (Common Vulnerability Scoring System)

I learned how to determine if a vulnerability is worth reporting or exploiting based on severity, risk, and impact.

🎭 Social Engineering Attacks

To complement technical reconnaissance, I explored Social Engineering tactics:

πŸ”Ή Phishing (Email, Spear Phishing, Whaling, Vishing, SMS phishing) πŸ”Ή Pretexting & Impersonation πŸ”Ή Watering Hole Attacks πŸ”Ή Physical Attacks (Tailgating, Dumpster Diving, Shoulder Surfing, Badge Cloning)

I also performed hands-on labs to test scanning, enumeration, and phishing techniques in controlled environments.

Week 4: Networking & Web Exploitation

With university resuming, my schedule got tighter, but I focused on Networking Basics to strengthen my foundation before diving deeper into Wi-Fi and network-based exploitation.

🌐 Networking Fundamentals

βœ… OSI Model & Data Transmission βœ… Network Addresses & CIDR Notation βœ… Hubs, Switches, and ARP βœ… Routers & Setting up SOHO Networks βœ… VPNs & Secure Tunneling βœ… Essential Networking Commands for Troubleshooting

Additionally, I covered Remote Support & Administration:

πŸ”Ή SSH (Secure Shell) – Remote access to Linux servers. πŸ”Ή RDP & VNC – Remote desktop management for Windows & Linux. πŸ”Ή Third-Party Remote Support Tools – Best practices for secure remote connections. πŸ”Ή Phone Support Tips & Tricks – Handling technical issues over calls.

πŸ’» Web Application Exploitation & Bug Bounty Hunting

As I began exploring Web App Exploitation, I decided to strengthen my approach by studying Bug Bounty Hunting. To aid my learning, I added the book "Bug Bounty Bootcamp" to my resources. My focus includes:

πŸ”Ή Web Reconnaissance & Subdomain Enumeration πŸ”Ή Finding Security Misconfigurations πŸ”Ή Identifying Common Web Vulnerabilities (XSS, SQL Injection, CSRF, etc.) πŸ”Ή Analyzing Web Requests & Responses πŸ”Ή Automating Web Scans with Burp Suite & Nikto

Next Steps πŸš€

βœ”οΈ Complete Networking & Security in TCM’s Practical Help Desk Course.
βœ”οΈ Dive deeper into Wi-Fi & Network Exploitation after mastering networking.
βœ”οΈ Progress in Web Application Security & Bug Bounty Hunting.
βœ”οΈ Continue performing practical labs & CTF challenges.

0
Subscribe to my newsletter

Read articles from Ebenezer Evero directly inside your inbox. Subscribe to the newsletter, and don't miss out.

#Cybersecurity #Digital Age #Online Safety #Cyber-Attacks #Data Protection #Internet #Security #Cybercrime #Phishing #Scams #Information #Security #IT Securityethicalhackingpentestingbugbountynmapnetwork security#WebAppSecurity social engineeringLinuxhelpdesk #TechLearning#cybersecurity

Written by

Ebenezer Evero
Ebenezer Evero

Hi, I’m Ebenezer Evero Ighozino, an aspiring penetration tester and cybersecurity enthusiast documenting my journey from beginner to ethical hacker. I started my cybersecurity journey with a passion for ethical hacking but struggled to find the right roadmap. Now, I’m learning network security, vulnerability management, penetration testing, and incident responseβ€”one step at a time. Through this blog, I share weekly insights, hands-on projects, and lessons learned, helping others navigate the cybersecurity space. Whether you're a beginner or looking for motivation, let's learn, hack, and grow together! πŸš€ πŸ”Ή Current Focus: Cybersecurity Fundamentals, Ethical Hacking, and Capture The Flag (CTF) Challenges.