Reflection Journal

---

Week 1

• Beginning with week 1, we were faced with a few assignments regarding creating a Kali Linux VM as a central point as well as establishing an introduction for the course. We focused primarily on becoming familiar with what Ethical Hacking and Pen Testing is as well as understanding some very basic attack methods and strategies. Some topics that we focused on specifically were reviewing some rules of engagement and pen test procedure as highlighted by NASA, as well as learn more about passive reconnaissance, which can be found under week 1 on the SEC-335 landing page.

Week 2

• Week 2 focuses a lot on scanning, ports and hosts. In the activity for this week we focused a lot on one-liners and scripting using different types of scans such as nmap, fping, and ping. All of this will be helpful when performing reconnaissance in future Pen tests. For our labs this week, we focused mostly on using nmap and a bash script to perform port scans of different targets. Information gained included creating bash scripts and how to use nmap to a higher extent. Here is a link to more information on nmap: Nmap.

Week 3

• The first thing we focused on in Week 3 was an activity called DNS enumeration. This is all about reconnaissance regarding DNS and finding hostnames, the DNS server, and more. Here is a link to my article on DNS enumeration: DNS Enumeration. We used scripts, nmap, grep, and awk mainly to create and finalize our output. Here is a script I wrote for reverse DNS lookup using nslookup: rvLook.sh. A few hangups I ran into this week was finding out that in nmap, in order to list a DNS server and find hostnames of machines on the same network, the command is nmap --dns-server 10.0.5.22 and I spent some time figuring that out. We used a lot of awk and grep and I have uploaded some of my one-liners to the scripts portion of this tech-journal detailing examples of how I used them to process output.