BD_G51

You never really want to be waiting for anything or only doing one thing at a time. So, if you're scanning a machine with Nmap and see it's running a web server, go ahead and throw something like Nikto at it. The more info you obtain the higher your rate of success will be. If you pop a box don't let it sit there, use it! Use its cycles to crack passwords or maybe you might find something interesting you could use as a social engineering attack. If you get into a machine using a certain exploit, other machines may be vulnerable to the same attack if they're not working as a team and helping each other secure their systems. Use the lack of communication to your advantage :) USB attacks are great. Drop a few USB drives with some value added features around and see what you get ;) Just be sure to inform your teammates :) Which is another thing, if you have a team, be sure to help each other and keep the communication flowing. Also, be sure to keep documentation ;) You'll definitely want the instructor to clarify the rules of engagement so you don't do something that gets you disqualified or something lame like that.

You never really want to be waiting for anything or only doing one thing at a time. So, if you're scanning a machine with Nmap and see it's running a web server, go ahead and throw something like Nikto at it. The more info you obtain the higher your rate of success will be. If you pop a box don't let it sit there, use it! Use its cycles to crack passwords or maybe you might find something interesting you could use as a social engineering attack. If you get into a machine using a certain exploit, other machines may be vulnerable to the same attack if they're not working as a team and helping each other secure their systems. Use the lack of communication to your advantage :) USB attacks are great. Drop a few USB drives with some value added features around and see what you get ;) Just be sure to inform your teammates :) Which is another thing, if you have a team, be sure to help each other and keep the communication flowing. Also, be sure to keep documentation ;) You'll definitely want the instructor to clarify the rules of engagement so you don't do something that gets you disqualified or something lame like that.