Auxiliary Scan

What are Auxiliary modules?

An auxiliary module provides additional functionality that does not use an exploit or a payload. Auxiliary modules are commonly categorised as follows:

  • Admin
  • Analyse
  • Client
  • DoS
  • Fuzzers
  • Gather
  • Scanner
  • Server
  • Sniffer

This allows the end user, for example, to use an auxiliary module to enumerate information from a host or to log in to a service. Auxiliary modules are a very useful tool in the cyber security professional's armoury and can increase efficiency substantially.

What is a Port Scan?

A port scan is a method of determining which ports on a host or network are open. A port allows data to be sent and received; port scanning is the process of checking which ports are ready to receive data, similar to knocking on someone's door to see if they are in. Port scanning is incredibly valuable to cyber professionals for identifying potential points of entry, or where to investigate further. Thankfully there is an auxiliary module for that:

<insert screenshot>
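As an added defender-side example (not part of the course material or of Metasploit), the following Python picks out the trace a port scan leaves in connection logs: one source touching many distinct ports on one host within a short window. The log layout, the sample lines and the threshold are assumptions constructed for the example.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample connection log in an assumed "timestamp src dst dport" layout
# (not any real firewall's format): 10.0.0.5 probes ten ports on 192.168.1.10 in
# five seconds, while 10.0.0.7 is ordinary traffic.
SAMPLE_LOG = """\
2024-05-01T10:00:00 10.0.0.5 192.168.1.10 21
2024-05-01T10:00:00 10.0.0.5 192.168.1.10 22
2024-05-01T10:00:01 10.0.0.5 192.168.1.10 23
2024-05-01T10:00:01 10.0.0.5 192.168.1.10 80
2024-05-01T10:00:02 10.0.0.5 192.168.1.10 135
2024-05-01T10:00:02 10.0.0.5 192.168.1.10 139
2024-05-01T10:00:03 10.0.0.5 192.168.1.10 445
2024-05-01T10:00:03 10.0.0.5 192.168.1.10 3389
2024-05-01T10:00:04 10.0.0.5 192.168.1.10 5900
2024-05-01T10:00:05 10.0.0.5 192.168.1.10 8080
2024-05-01T10:00:10 10.0.0.7 192.168.1.10 443
2024-05-01T10:00:12 10.0.0.7 192.168.1.10 443
2024-05-01T10:00:30 10.0.0.7 192.168.1.20 80
"""

def parse_line(line):
    ts, src, dst, port = line.split()
    return datetime.fromisoformat(ts), src, dst, int(port)

def detect_port_scans(log_text, threshold=10, window=timedelta(seconds=60)):
    """Return {(src, dst): max distinct ports seen inside any `window`} for each
    source that probed at least `threshold` distinct ports on a single host."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        if line.strip():
            ts, src, dst, port = parse_line(line)
            events[(src, dst)].append((ts, port))
    alerts = {}
    for key, evs in events.items():
        evs.sort()  # time order so a sliding window can be applied
        start = 0
        for end in range(len(evs)):
            # advance the window start until the span is at most `window` wide
            while evs[end][0] - evs[start][0] > window:
                start += 1
            distinct = len({p for _, p in evs[start:end + 1]})
            if distinct >= threshold:
                alerts[key] = max(alerts.get(key, 0), distinct)
    return alerts

for (src, dst), n in detect_port_scans(SAMPLE_LOG).items():
    print(f"possible port scan: {src} -> {dst} ({n} distinct ports)")
```

A repeated connection to one port (as from 10.0.0.7) never trips the check, since only distinct ports are counted.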

OS Detection

Detecting the OS allows us as attackers to home in on which exploits or attacks could fit the situation and the target. Metasploit offers modules that let us enumerate more about the target OS; for example, if you have identified a Windows host running SMB on port 445, you could use the following module to enumerate the OS version:

<insert screenshot>

Service Enumeration

Enumerating services is a key part of penetration testing when assessing hosts or networks. Being able to query a running service such as MySQL, FTP or SNMP, to name a few, can help us out dramatically. Querying a service usually returns useful information that we may be able to use to further our attack. For example, Metasploit has a module that queries SNMP for us and presents the results in a really clear-cut fashion; see below:

  • auxiliary/scanner/snmp/snmp_enum

<insert screenshot>