Network Penetration Testing  - GjWDZ1516079830 - Network Penetration Testing GUI Toolkit

SPARTA is developed with python and inbuild   Kali tool. It simplifies scanning and enumeration phase with faster results.

Best thing of SPARTA GUI  it scans detects the service running on the target port.

Also, it provides Bruteforce attack for scanned open ports and services as a part of enumeration phase.

Also Read:  Network Pentesting Checklist

Installation

Please clone the latest version of SPARTA from github:

git clone https://github.com/secforce/sparta.git

Alternatively, download the latest zip file here.

cd /usr/share/
git clone https://github.com/secforce/sparta.git

Place the "sparta" file in /usr/bin/ and make it executable.
Type 'sparta' in any terminal to launch the application.

The scope of Network Penetration Testing Work:

  • Organizations security weaknesses in their network infrastructures are identified by a list of host or targeted host and add them to the scope.
  • Select menu bar – File > Add host(s) to scope

Network Penetration Testing  - Screenshot 526 - Network Penetration Testing GUI Toolkit

Network Penetration Testing  - Screenshot 527 - Network Penetration Testing GUI Toolkit

  • Above figures show target Ip is added to the scope.According to your network can add the range of IPs to scan.
  • After adding Nmap scan will begin and results will be very faster.now scanning phase is done.

Open Ports & Services:

  • Nmap results will provide target open ports and services.

Network Penetration Testing  - Screenshot 528 - Network Penetration Testing GUI Toolkit

  • Above figure shows that target operating system, Open ports and services are discovered as scan results.

Brute Force Attack on Open ports:

  • Let us Brute force Server Message Block (SMB) via port 445 to enumerate the list of users and their valid passwords.

Network Penetration Testing  - Screenshot 529 - Network Penetration Testing GUI Toolkit

  • Right-click and Select option Send to Brute.Also, select discovered Open ports and service on target.
  • Browse and add dictionary files for Username and password fields.

Network Penetration Testing  - Screenshot 531 - Network Penetration Testing GUI Toolkit

  • Click Run to start the Brute force attack on the target.Above Figure shows Brute force attack is successfully completed on the target IP and the valid password is Found!
  • Always think failed login attempts will be logged as Event logs in Windows.
  • Password changing policy should be 15 to 30 days will be a good practice.
  • Always recommended to use a strong password as per policy.Password lockout policy is a good one to stop brute force attacks (After 5 failure attempts account will be locked)
  •  The integration of business-critical asset to SIEM( security incident & Event Management) will detect these kinds of attacks as soon as possible.

SPARTA is timing saving GUI Toolkit for pentesters for scanning and enumeration phase.SPARTA Scans and Bruteforce various protocols.It has many more features! Happy Hacking.



Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here