Old Dominion University
CYSE 450: Ethical Hacking and Penetration Testing
Lab 1: Active Reconnaissance and Vulnerability Scanning
Handout Date: February 06, 2025
Due Date: February 20, 2025, 11:59 pm
Total Points: 30
Question 1: Active Scanning
T1: Using both host and dig commands, demonstrate whether the host sdf.org is live or not. Attach screenshots showing the results. 4 points
• T2: Perform DNS enumeration using dnsenum command for the host sdf.org. Check whether the zone transfer is possible. Provide necessary screenshots. 4 points
- T3: Perform both ICMP Sweep and TCP Sweep for the host sdf.org using NMAP. Use the option –reason to show the details and disable the arp-ping. Attach screenshots showing the results. 6 points
- T4: Perform port scanning to determine all open ports and corresponding running
services for the host sdf.org. Attach screenshots showing the results. 6 points
Question 2: Vulnerability Scanning
- T1: Using NSE scripts, determine all known vulnerabilities present in the host sdf.org.
Attach a screenshot showing your command and the results you got. 5 points
- T2: Perform a brute force attack on sdf.org. You can choose any script from the followings: ftp-brute, snmp-brute, http-brute, and oracle-brute. Attach screenshots showing your command and the results you received. 5 points
