During this chapter, we covered various DNS interrogation techniques using a variety of tools to discover important servers, subdomains, and IP addresses, and were able to successfully extract the zone files from a DNS server (zone transfer) due to a misconfiguration on the target's DNS server.

Then, we used Nmap to perform various types of port scanning to determine the port status, running services and their versions, and the target's operating system; we also gained an indication of whether there's a firewall on the target. Finally, to close this chapter, we performed SMB and LDAP enumeration to gather user shares and directory records on our network devices.

Now that you have completed this chapter, you'll be able to successfully perform DNS zone transfers on vulnerable DNS servers; profile a system to discover its operating system, running services, and security vulnerabilities; evade detection while performing network scans; and perform LDAP and system enumeration on a target. You also obtained the skills to visually profile multiple websites at once. I hope this chapter has been helpful to your journey in learning penetration testing.

In Chapter 7, Working with Vulnerability Scanners, we will cover the importance of using vulnerability scanners to find security weaknesses and flaws on a target.