Day 3
Hands-on Lab – Reconnaissance and Scanning
Objective
- Perform hands-on activities using WHOIS, DNS queries, and Nmap for scanning
Lab Tasks
- WHOIS Lookups
  - Use the `whois` CLI or ICANN Lookup to query a domain
- DNS Footprinting
  - Use `dig` or `nslookup` to gather DNS information
  - Identify subdomains with DNSDumpster
- Website Footprinting
  - Use WhatWeb and Wappalyzer to analyze website technologies
- Network Scanning with Nmap
  - Scan for live hosts: `nmap 192.168.1.0/24`
  - Identify open ports: `nmap -p1-65535 192.168.1.1`
  - Perform OS detection: `nmap -O 192.168.1.1`
  - Run vulnerability scripts: `nmap --script vuln 192.168.1.1`
- Advanced Scanning with Masscan
  - Scan large networks quickly: `masscan -p1-65535 192.168.1.0/24`
Lab Report Template
| Task | Tool Used | Command | Observations |
|---|---|---|---|
| WHOIS Query | WHOIS CLI | whois example.com | Output... |
| DNS Lookup | dig | dig example.com | Output... |
| Nmap Port Scan | Nmap | nmap -p1-65535 target | Open ports... |
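
To fill the Observations column consistently, the sketch below turns Nmap grepable output into rows of the report table. It is an added example, not part of the original lab material; it assumes the scan was saved with Nmap's `-oG` option, and the sample output and the function names `parse_gnmap` and `report_rows` are constructed for illustration.

```python
import ipaddress

# Constructed sample of Nmap grepable (-oG) output for the lab network; not real scan data.
SAMPLE_GNMAP = """\
# Nmap scan initiated as: nmap -p1-65535 -oG scan.gnmap 192.168.1.0/24
Host: 192.168.1.20 ()\tStatus: Up
Host: 192.168.1.20 ()\tPorts: 3389/open/tcp//ms-wbt-server///
Host: 192.168.1.1 ()\tStatus: Up
Host: 192.168.1.1 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 443/closed/tcp//https///, 8080/filtered/tcp//http-proxy///\tIgnored State: closed (65531)
# Nmap done: 256 IP addresses (2 hosts up) scanned
"""

def parse_gnmap(text):
    """Return {host: [(port, proto, state, service), ...]} from grepable output."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue  # comment lines start with '#'
        fields = line.split("\t")
        host = fields[0].split()[1]
        for field in fields[1:]:
            if not field.startswith("Ports:"):
                continue  # skip "Status:" and "Ignored State:" fields
            for entry in field[len("Ports:"):].split(","):
                # Entry layout: port/state/protocol/owner/service/rpcinfo/version/
                parts = entry.strip().split("/")
                if len(parts) < 5 or not parts[0].isdigit():
                    continue  # malformed entry
                port, state, proto, _owner, service = parts[:5]
                hosts.setdefault(host, []).append(
                    (int(port), proto, state, service or "unknown"))
    return hosts

def report_rows(hosts, command="nmap -p1-65535 target"):
    """Build one lab-report table row per host, listing only open ports."""
    rows = []
    for host in sorted(hosts, key=ipaddress.ip_address):
        open_ports = sorted(p for p in hosts[host] if p[2] == "open")
        obs = ", ".join(f"{port}/{proto} ({svc})"
                        for port, proto, _state, svc in open_ports) or "none"
        rows.append(f"| Nmap Port Scan | Nmap | {command.replace('target', host)} "
                    f"| Open ports: {obs} |")
    return rows

if __name__ == "__main__":
    print("| Task | Tool Used | Command | Observations |")
    print("|---|---|---|---|")
    print("\n".join(report_rows(parse_gnmap(SAMPLE_GNMAP))))
```
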
Learning Outcomes for Week 3
- ✅ Understand and perform footprinting techniques (WHOIS, DNS, website)
- ✅ Conduct network scanning using Nmap and other tools
- ✅ Identify open ports, services, and operating systems of target systems
- ✅ Develop a lab report summarizing reconnaissance and scanning findings