Service Enumeration

- Port Scanning:
  - Naabu: `naabu -l subdomains.txt -p - -o open_ports.txt` (High-speed TCP/UDP probing across all 65535 ports).
  - Nmap: `nmap -sV -sC -p- -iL open_ports.txt` (Banner grabbing and default scripts on discovered ports). Note that naabu writes `host:port` lines while `-iL` expects one target per line, so reduce the file to hosts before passing it to Nmap.
- Specialized Gateway Probing:
  - VPN Gateways:
    - Pulse Secure / Ivanti: `nuclei -t http/vulnerabilities/ivanti/`
    - Citrix ADC: Check for “Citrix Bleed” (CVE-2023-4966).
    - Palo Alto GlobalProtect: Check for CVE-2024-3400.
  - Remote Management: Check for exposed RDP, VNC, or SSH on non-standard ports.
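The remote-management check above can be run as an exposure audit over saved scan results. This is an added example, not part of the original page: it assumes the Nmap scan was saved in grepable form (`-oG`), the function names `flag_remote_mgmt` and `sample_scan` are hypothetical, and the sample scan lines are constructed.

```shell
#!/bin/sh
# flag_remote_mgmt: read Nmap grepable output (-oG) on stdin and print
# "host port service" for every open SSH, RDP or VNC listener that is
# not on its default port. Service names are the ones nmap -sV reports.
flag_remote_mgmt() {
  awk -F'\t' '
    BEGIN {
      # nmap service name -> default port for that service
      std["ssh"] = 22; std["ms-wbt-server"] = 3389; std["vnc"] = 5900
    }
    /^Host: / {
      split($1, h, " ")               # "Host: <ip> (<name>)"
      host = h[2]
      for (i = 2; i <= NF; i++) {
        if ($i !~ /^Ports: /) continue
        list = substr($i, 8)          # drop the "Ports: " label
        n = split(list, entry, ", ")
        for (j = 1; j <= n; j++) {
          # entry layout: port/state/proto/owner/service/rpcinfo/version/
          split(entry[j], f, "/")
          if (f[2] != "open") continue
          if ((f[5] in std) && f[1] + 0 != std[f[5]]) print host, f[1], f[5]
        }
      }
    }'
}

# Constructed sample of grepable output (documentation address range).
sample_scan() {
  printf 'Host: 192.0.2.10 (vpn.example.test)\tPorts: 22/open/tcp//ssh//OpenSSH 8.9p1/, 443/open/tcp//ssl|http///\tIgnored State: closed (65533)\n'
  printf 'Host: 192.0.2.20 ()\tPorts: 2222/open/tcp//ssh//OpenSSH 7.4/, 33890/open/tcp//ms-wbt-server///, 15900/open/tcp//vnc//VNC (protocol 3.8)/, 3389/filtered/tcp//ms-wbt-server///\n'
}

sample_scan | flag_remote_mgmt
```

Listeners flagged this way are candidates for firewalling or moving behind the VPN gateway; filtered ports and services on their default port are skipped because they are covered by ordinary port-based review.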