Very basic question

Rdizazzo · December 5, 2019, 5:56pm

I have been watching several, around 50, videos on HackerSploit YouTube channel and reading several web sites to learn the basics of pen testing and ethical hacking.

My question is, everything is fine when scanning my local network or scanning a web app but what if I want to force myself into a personal computer, lets say I want to test my friend’s computer to see if he has some kind of security in place. Lets say I have his IP address, would I go about the same way as if I was testing my local network or a web app of some sort? Is it the same tools and the same way of doing.

Also, is there a way to find the IP address of a sender in Gmail. I have searched everywhere in Gmail and did not find nowhere the sender’s IP addresses. Is there a way to do this?

Thank you

MoNsTeR · December 6, 2019, 11:46am

@Rdizazzo

Hi Rdizazzo,

Reconnaissance is your best friend. All the info you can grab on your target makes your life easier. It really comes down to the level of intensity you are willing to expend to capture your target. Gathering OSINT, Name , Number, Address, Email, User Accounts, Friends + Family. Mapping it all out and picking your plan of action. You will most likely find social engineering your target into opening a malicious app or clicking a link will be that plan. Unless you find low hanging fruit while scanning.

You will not be getting a home IP address from Gmail headers. The IP you will find will belong to the SMTP server. I hope this helps clarify things more clearly for you.