My scanning methodology

Pentest Preparation Steps

1. Initialize Metasploit

• Start the Metasploit database: Ensure the database is running.

• Check database status: Use the command db_status to verify connectivity.

2. Prepare Target and Exclusion Lists

• Create a Target File: List all targeted IPs in a file (e.g., target.txt).

• Create an Exclusion File: Specify any IPs to exclude in a separate file (e.g., exclude.txt).

3. Conduct Network Scans

• Scan for Live Hosts:

  Copy

  db_nmap -sP -iL target.txt --excludefile exclude.txt

• Service Detection and Script Scanning:

  Copy

  db_nmap -sS -sV -sC -T4 -iL target2.txt

• Use Additional Vulnerability Scripts:

  Copy

  db_nmap -Pn -sS -sV -sC -T4 -A --script=vuln* -iL target2.txt

4. Identify and Document Live Hosts

• Create a Documentation File: Record the live hosts identified during the scan in a separate file (e.g., live_hosts.txt).