:

In a professional penetration test, an IP address is used for . An attacker might use tools like Nmap to scan the IP for open ports. If the user has a vulnerable service running (like an outdated web server or an unpatched remote desktop protocol), the attacker might try to exploit that specific software to gain access to the device, and then look for browser cookies or saved passwords. 3. Common Vectors (Beyond the IP)

This is the strongest defense. Even if someone gets your password via a complex exploit, they cannot log in without the code from your phone.

:

: Si un usuario deja su sesión abierta en un dispositivo público o compartido, un atacante puede tomar el control sin necesidad de "hackear" nada técnico. 3. Cómo proteger tu cuenta