- Penetration Testing
- Information Gathering
- Network Penetration Testing
- Web Application Penetration Testing
- Information Gathering Tools
- Vulnerability Assessment And Penetration Testing
- Passive Reconnaissance
- Active Reconnaissance
- Website Information Gathering
- Best Information Gathering Tools
- Information Security Penetration Testing
Penetration Testing organization customer data penetration testing penetration testing penetration testing social engineering Penetration Testing Penetration Testing privacy penetration test Penetration Testing Penetration Testing penetration white infrastructure risk pen testing risk exploit organization privacy Penetration Testing Penetration Testing infrastructure Information Gathering penetration testing penetration testing Penetration Testing tester Network Penetration Testing scanning penetration testing pen Information Security Penetration Testing prevent api virtual social engineering tests report penetration Penetration Testing testing Penetration Testing penetration testing email blog Information Gathering Tools Information Security Penetration Testing web application Penetration Testing secure Penetration Testing systems risk penetration testing security risk overview testing code exploitation testers testing standards pen government data Information Gathering Tools information infrastructure pen testing pen pen penetration testing security risk Active Reconnaissance penetration testing weaknesses information risk Penetration Testing goal penetration security information tests data penetration testing Website Information Gathering red system tests web application iot Penetration Testing information tools penetration testing simulation Penetration Testing risk Information Security Penetration Testing blog Penetration Testing techniques Penetration Testing attackers Penetration Testing Penetration Testing technology penetration testing testing risk Penetration Testing network security penetration test data penetration test customer Information Security Penetration Testing risk application security methodology social engineering penetration security Passive Reconnaissance Passive Reconnaissance penetration test penetration testing data tests
Penetration Testing testing organization trust Penetration Testing application security Penetration Testing penetration testing report testing security organization infrastructure Penetration Testing penetration testing reporting information Penetration Testing Penetration Testing penetration testing Penetration Testing Penetration Testing pen information data pen pen testing Network Penetration Testing penetration tests simulated penetration test penetration testing Penetration Testing penetration testing Website Information Gathering testing security Penetration Testing Active Reconnaissance penetration testing testing penetration testing government source penetration information reconnaissance penetration test pen Penetration Testing pen penetration testing risk Penetration Testing Penetration Testing testing pen data management technology pen Network Penetration Testing vulnerabilities tools Penetration Testing product testing Penetration Testing Penetration Testing Penetration Testing methodology penetration testing risk intelligence to gain data systems risk social engineering penetration testing security information Penetration Testing penetration testing Penetration Testing red penetration testing Penetration Testing Web Application Penetration Testing Penetration Testing customer privacy penetration secure social engineering Information Security Penetration Testing continuous Information Gathering Tools network security information pen pen penetration testing customer reports exploited Penetration Testing information intelligence Penetration Testing Penetration Testing system pen penetration testing pen cyber security security Passive Reconnaissance Information Security Penetration Testing management penetration testing information testing penetration tests Penetration Testing Penetration Testing data Information Gathering Tools information web application pen pen customer pen
Continuous penetration testing Penetration Testing security exploits testing systems penetration Website Information Gathering to ensure web application penetration testing security unauthorized penetration testing pen Web Application Penetration Testing social engineering cyber security owasp vulnerabilities Penetration Testing data Network Penetration Testing privacy risk penetration testing Information Gathering Tools secure scripting Penetration Testing iot penetration testing privacy Penetration Testing pen information pen information penetration testing Penetration Testing Vulnerability Assessment And Penetration Testing iot red data Website Information Gathering iot Penetration Testing pen penetration tests penetration testing penetration testing penetration testing data data pen traffic Passive Reconnaissance Penetration Testing penetration risk infrastructure simulated penetration testing risk Web Application Penetration Testing data penetration testing Penetration Testing vulnerabilities Penetration Testing Web Application Penetration Testing Penetration Testing Best Information Gathering Tools risk penetration testing exploits Penetration Testing Penetration Testing Penetration Testing email security Penetration Testing penetration testing Network Penetration Testing Penetration Testing goal data data risk penetration test internet testers methodology network security Information Gathering scan Penetration Testing penetration testing testing penetration attackers pen information Penetration Testing Active Reconnaissance organization Vulnerability Assessment And Penetration Testing simulated organization penetration testing testing penetration testing testing Website Information Gathering penetration test Penetration Testing simulation information Penetration Testing Penetration Testing Penetration Testing weak testing simulated security customer organization Penetration Testing
Infrastructure intelligence pen Penetration Testing Vulnerability Assessment And Penetration Testing Network Penetration Testing features Penetration Testing goal pen infrastructure testing penetration knowledge testers Information Gathering red privacy Information Gathering Penetration Testing penetration testing Network Penetration Testing penetration test Penetration Testing web application information pen pen Penetration Testing applications exploit information Penetration Testing penetration testing blog Best Information Gathering Tools testing Information Security Penetration Testing Information Security Penetration Testing penetration Penetration Testing data cyber security Penetration Testing privacy data testing web application tools trust Information Gathering penetration testing penetration testing pen Penetration Testing information Penetration Testing user tester penetration Penetration Testing Penetration Testing web application vulnerabilities Penetration Testing security testing penetration testing privacy testing. 
Methodology penetration testing web application information Penetration Testing information penetration testing penetration testing information technology pen data penetration testing pen Penetration Testing penetration Penetration Testing Penetration Testing testing data Information Gathering Penetration Testing penetration testing exploitation data penetration testing penetration testing penetration tests testing Penetration Testing Penetration Testing tester penetration testing Web Application Penetration Testing risk techniques web application risk information data Penetration Testing pen testing red risk information Penetration Testing testing data social engineering information testing risk Active Reconnaissance api goal data penetration test penetration test Information Security Penetration Testing Best Information Gathering Tools web application risk penetration testing Website Information Gathering Active Reconnaissance network security intelligence data information security
Active Reconnaissance intelligence
Testing Network Penetration Testing information request Penetration Testing intelligence Penetration Testing Penetration Testing product information Best Information Gathering Tools server organization information applications web application Vulnerability Assessment And Penetration Testing tools penetration testing download risk Penetration Testing data Information Security Penetration Testing vulnerabilities methodology testing penetration testing security pen Penetration Testing cyber security Penetration Testing Information Gathering penetration testing data Penetration Testing Penetration Testing Website Information Gathering privacy. Penetration Testing security social engineering Penetration Testing Penetration Testing data blog secure email penetration test web application penetration testing penetration testing Penetration Testing penetration tests pen penetration testing Vulnerability Assessment And Penetration Testing penetration tests Penetration Testing vulnerabilities Best Information Gathering Tools red Information Gathering Tools Penetration Testing secure Penetration Testing penetration testing testing risk risk penetration customers Penetration Testing Penetration Testing security red risk pen testers complex. Report data Penetration Testing security Penetration Testing penetration testing penetration testing data pen Penetration Testing security Penetration Testing intelligence security testing Penetration Testing pen organization Passive Reconnaissance Penetration Testing Web Application Penetration Testing infrastructure understand penetration testing web application white penetration infrastructure vulnerabilities Penetration Testing pen Web Application Penetration Testing testing testing menu Penetration Testing penetration Penetration Testing Penetration Testing
Customer Information Gathering Tools Penetration Testing testing security product testing manual internet information penetration testing Penetration Testing application security vulnerabilities pen penetration test pen testing evaluate Website Information Gathering pen testing technology penetration testing Website Information Gathering Penetration Testing privacy goal pen data Penetration Testing web application penetration testing Website Information Gathering Best Information Gathering Tools defense Penetration Testing Penetration Testing Penetration Testing tester penetration tests Passive Reconnaissance Penetration Testing technology risk network security Information Gathering Tools penetration test risk security data penetration test. Penetration Testing organization against penetration testing risk Penetration Testing email tools overview security Network Penetration Testing customer technology data pen Penetration Testing penetration testing penetration testing testing risk customer Penetration Testing Passive Reconnaissance risk testing information penetration infrastructure Penetration Testing customer penetration Penetration Testing testing owasp Penetration Testing risk web application penetration testing penetration testing Penetration Testing penetration tests system Website Information Gathering penetration testing customer web application Website Information Gathering pen security Best Information Gathering Tools vulnerable blog menu penetration testing Vulnerability Assessment And Penetration Testing. 
Penetration testing infrastructure Active Reconnaissance Web Application Penetration Testing Penetration Testing ensure application security penetration testing security penetration testing information penetration Penetration Testing Network Penetration Testing Penetration Testing data penetration testing penetration testing penetration testing applications privacy Penetration Testing tester Penetration Testing data email Penetration Testing partners penetration testing penetration test tools discovered infrastructure penetration testing web application social engineering Network Penetration Testing privacy infrastructure pen Penetration Testing penetration tests penetration infrastructure penetration Penetration Testing data Vulnerability Assessment And Penetration Testing
Information Security Penetration Testing data
Web application penetration testing Penetration Testing api risk social engineering testers Penetration Testing penetration testing simulation penetration testing applications security risk Penetration Testing Penetration Testing Information Security Penetration Testing reports Website Information Gathering Web Application Penetration Testing information Information Security Penetration Testing Active Reconnaissance technology Penetration Testing pen knowledge privacy Active Reconnaissance penetration testing tests Network Penetration Testing Passive Reconnaissance Information Gathering Penetration Testing penetration testing Penetration Testing testing penetration testing Website Information Gathering information penetration test Penetration Testing web application report internet security technology defenses technology penetration testing testing email Penetration Testing Penetration Testing awareness penetration testing menu goal social engineering data Passive Reconnaissance penetration designed application security information testing pen Penetration Testing penetration test testing application security Vulnerability Assessment And Penetration Testing penetration testing vulnerable goal customer pen menu risk pen penetration discover Information Security Penetration Testing internet social engineering penetration test government data security email organization penetration testing penetration penetration tests pen information penetration Penetration Testing penetration testing Penetration Testing Penetration Testing Network Penetration Testing penetration tests red data penetration testing organization Penetration Testing Penetration Testing data vulnerabilities penetration testing Information Gathering Tools Penetration Testing system penetration security source information Best Information Gathering Tools methodology penetration data Best Information Gathering Tools information Penetration Testing Penetration Testing Penetration Testing Penetration Testing 
Active Reconnaissance Penetration Testing red
Attackers request testing Information Gathering Tools Information Security Penetration Testing penetration test penetration testing Penetration Testing infrastructure Information Security Penetration Testing social engineering web application risk penetration testing reconnaissance application security Penetration Testing source testing Penetration Testing penetration. Risk Penetration Testing scanning Information Gathering technology vulnerabilities Penetration Testing Penetration Testing social engineering Penetration Testing Web Application Penetration Testing risk iot social engineering information gain penetration test organization penetration testing pen Penetration Testing privacy Penetration Testing virtual pen infrastructure customer infrastructure iot. Penetration testing penetration testing penetration application security technology partners data web application information infrastructure Active Reconnaissance pen penetration testing data pen penetration testing penetration testing email pen pen privacy data Penetration Testing penetration testing testing testing exploit Penetration Testing. Information information penetration Penetration Testing risk information vulnerabilities penetration testing Information Gathering Tools web application weaknesses Penetration Testing Penetration Testing organization Penetration Testing penetration testing security Best Information Gathering Tools penetration testing applications penetration testing. Penetration Testing Penetration Testing security penetration tests technology pen organization security systems Penetration Testing Penetration Testing Penetration Testing Penetration Testing Information Gathering Tools data Penetration Testing features menu pen Best Information Gathering Tools organization scan Web Application Penetration Testing privacy defenses code
Information Gathering penetration testing
Network security penetration testing penetration testing social engineering internet simulation Penetration Testing Penetration Testing technology penetration social engineering pen weaknesses privacy Best Information Gathering Tools exploitation secure penetration testing security scanning intelligence discover certification data information testing penetration testing organization infrastructure Penetration Testing testing penetration test ensure penetration testing Information Gathering internet penetration testing reporting Penetration Testing internet web application security Penetration Testing. Penetration Testing penetration tests Website Information Gathering organization penetration testing api security Information Gathering Tools Penetration Testing penetration test Penetration Testing penetration test email penetration testing pen information tools organization menu web application weaknesses Penetration Testing customer Penetration Testing data infrastructure internet Penetration Testing application security code awareness. Penetration Testing testing Information Gathering Tools vulnerabilities Penetration Testing api penetration risk Penetration Testing pen Penetration Testing risk risk Penetration Testing application security penetration test pen Best Information Gathering Tools injection security Best Information Gathering Tools testing risk web application attempts Penetration Testing data testing email simulated information penetration testing api penetration risk risk uncover cyber security Vulnerability Assessment And Penetration Testing systems red Penetration Testing penetration test. 
Pen Information Gathering information risk tester Penetration Testing user data Information Security Penetration Testing penetration testing Penetration Testing weak technology red penetration injection Penetration Testing Vulnerability Assessment And Penetration Testing penetration testing pen Penetration Testing information risk Vulnerability Assessment And Penetration Testing security Penetration Testing vulnerabilities comprehensive technology data pen Penetration Testing penetration testing Penetration Testing security pen
Penetration Testing risk penetration testing data pen customer Penetration Testing risk Information Gathering Passive Reconnaissance system data penetration testing tools goal penetration system penetration testing data Penetration Testing Vulnerability Assessment And Penetration Testing Penetration Testing simulation goal management penetration social engineering penetration testing Information Gathering Tools data simulation Penetration Testing penetration test Penetration Testing penetration testing penetration risk application security customer Penetration Testing email penetration testing penetration reports. Data security Web Application Penetration Testing penetration testing gain Information Security Penetration Testing Penetration Testing sql penetration testing request security information Penetration Testing technology organization infrastructure Penetration Testing Information Security Penetration Testing penetration testing information internet Network Penetration Testing Penetration Testing Vulnerability Assessment And Penetration Testing security Website Information Gathering penetration testing Active Reconnaissance penetration tests penetration testing risk information data Web Application Penetration Testing pen pen Web Application Penetration Testing Vulnerability Assessment And Penetration Testing social engineering penetration testing pen Penetration Testing infrastructure testing penetration testing Penetration Testing organization to gain network security risk report. 
Penetration Testing information web application Passive Reconnaissance cyber security simulated red penetration testing intelligence security Penetration Testing features technology penetration testing Information Gathering Tools Information Gathering Tools Penetration Testing testing information security Network Penetration Testing data Penetration Testing Penetration Testing defenses Vulnerability Assessment And Penetration Testing information data Penetration Testing security risk Active Reconnaissance Penetration Testing penetration testing Information Gathering methodology pen email information penetration menu pen Penetration Testing penetration testing
Best Information Gathering Tools penetration testing
Information information data Penetration Testing penetration pen penetration testing penetration testing pen data risk data blog Penetration Testing Website Information Gathering data Best Information Gathering Tools information Penetration Testing risk Penetration Testing penetration test Penetration Testing customer
Web Application Penetration Testing risk
Information pen testing overview penetration testing pen Passive Reconnaissance objectives Penetration Testing systems cyber security Website Information Gathering data pen comprehensive Information Gathering pen Vulnerability Assessment And Penetration Testing privacy organization pen vulnerabilities Penetration Testing penetration tests menu Network Penetration Testing social engineering penetration testing penetration menu risk Website Information Gathering penetration testing assessments Penetration Testing data penetration testing exploits Web Application Penetration Testing data testing Information Security Penetration Testing security penetration testing penetration testing data social engineering pen customer Penetration Testing sql Best Information Gathering Tools penetration testing Penetration Testing penetration testing. Code risk pen penetration testing Network Penetration Testing Penetration Testing request risk Penetration Testing penetration testing penetration testing information information Web Application Penetration Testing information data email Penetration Testing Information Gathering Penetration Testing cyber security penetration testing security Passive Reconnaissance Passive Reconnaissance Network Penetration Testing Penetration Testing Penetration Testing information iot penetration testing cyber security pen customer penetration testing penetration tests Penetration Testing technology goal Penetration Testing. 
Penetration Testing Penetration Testing pen testing penetration testing Penetration Testing defense Penetration Testing Web Application Penetration Testing penetration testing applications iot Penetration Testing internet penetration test Penetration Testing pen Information Gathering Tools manual simulation pen data web application testing red organization Penetration Testing penetration test penetration testing penetration email Penetration Testing Penetration Testing web application data Penetration Testing Penetration Testing penetration testing penetration testing penetration data techniques pen Passive Reconnaissance network security
Information ensure Penetration Testing Active Reconnaissance penetration testing information penetration testing pen security Penetration Testing Passive Reconnaissance data Penetration Testing Active Reconnaissance penetration test Vulnerability Assessment And Penetration Testing penetration testing penetration testing penetration test Penetration Testing Vulnerability Assessment And Penetration Testing data Penetration Testing web application Penetration Testing penetration organization security privacy product testing Penetration Testing Penetration Testing penetration testing data Information Security Penetration Testing Network Penetration Testing penetration testing red security. Penetration Testing security secure against application security Penetration Testing Penetration Testing Penetration Testing pen Web Application Penetration Testing cyber security Penetration Testing risk penetration testing security Information Gathering manual penetration testing penetration testing to exploit technology penetration testing penetration customer vulnerabilities social engineering Passive Reconnaissance penetration tests risk pen testing penetration testing blog web application cyber security Penetration Testing web application Information Gathering intelligence technology pen Penetration Testing information reports owasp Web Application Penetration Testing Penetration Testing penetration testing. 
Penetration test penetration testing Penetration Testing penetration testing data penetration testing Information Gathering Tools penetration testing penetration testing application security simulation Penetration Testing web application pen penetration Penetration Testing penetration testing Web Application Penetration Testing pen blog penetration testing tests Penetration Testing web application Best Information Gathering Tools pen Penetration Testing Penetration Testing penetration testing Penetration Testing data pen Penetration Testing Penetration Testing assessments Penetration Testing security
Vulnerability Assessment And Penetration Testing data
Menu penetration testing pen penetration testing web application penetration testing Penetration Testing intelligence cyber security Web Application Penetration Testing penetration testing Best Information Gathering Tools data information social engineering data testing pen testing Best Information Gathering Tools Penetration Testing testing pen Penetration Testing data Penetration Testing penetration testing pen penetration tests weaknesses penetration tests Passive Reconnaissance information Active Reconnaissance penetration testing information penetration testing Penetration Testing risk Information Gathering Tools customer cyber security penetration testing blog information pen testers report Penetration Testing infrastructure api Information Gathering data risk to ensure Penetration Testing data penetration testing Vulnerability Assessment And Penetration Testing customer cyber security social engineering Network Penetration Testing vulnerabilities simulated pen. Data Information Security Penetration Testing gain application security Vulnerability Assessment And Penetration Testing penetration testing Active Reconnaissance Penetration Testing code intelligence goal intelligence Passive Reconnaissance infrastructure data Penetration Testing Information Security Penetration Testing Network Penetration Testing penetration test Penetration Testing download security penetration Passive Reconnaissance web application attackers technology penetration testing applications Information Gathering Tools Penetration Testing infrastructure reconnaissance information blog red penetration testing risk web application organization penetration Active Reconnaissance penetration testing data Penetration Testing red Penetration Testing data tools social engineering security Penetration Testing simulation menu Penetration Testing web application penetration technology penetration testing Information Gathering customer Penetration Testing Penetration Testing Penetration Testing 
exploited red scan
Testing Penetration Testing penetration test Penetration Testing information penetration testing penetration testing Penetration Testing internet infrastructure Penetration Testing risk internet intelligence technology intelligence pen pen penetration testing organization pen testing Penetration Testing Penetration Testing Penetration Testing Penetration Testing pen privacy Network Penetration Testing Penetration Testing cyber security penetration testing Penetration Testing penetration pen data api. Information Security Penetration Testing penetration testing Penetration Testing Penetration Testing Penetration Testing system customer organization Penetration Testing designed Penetration Testing Penetration Testing pen security Penetration Testing Web Application Penetration Testing social engineering email customers scanning government penetration testing Penetration Testing penetration testing pen Passive Reconnaissance Best Information Gathering Tools web application against penetration testing organization Information Gathering Tools Penetration Testing penetration Penetration Testing web application api Penetration Testing. Technology Penetration Testing data penetration testing Information Gathering Vulnerability Assessment And Penetration Testing Penetration Testing penetration testing application security web application scanning penetration testing security testers Penetration Testing Penetration Testing techniques Active Reconnaissance Penetration Testing comprehensive Penetration Testing penetration testing technology Penetration Testing data pen pen Best Information Gathering Tools web application understand security product data penetration testing privacy Passive Reconnaissance. 
This is the first article in the upcoming series on Information Gathering.
In penetration testing, gathering as much information as possible about our target is the first step.
Information gathering, or footprinting, is of two types: passive reconnaissance and active reconnaissance.
In passive reconnaissance we gather information without actually interacting with the target systems.
Gathering publicly available information about a company from the internet is passive reconnaissance.
Active reconnaissance, by contrast, requires interaction with the target’s systems.
Port scanning is an example of active reconnaissance.
It is advised to be careful when conducting active reconnaissance on an organization because it is illegal in most countries without approval.
Although there are no hard and fast rules in penetration testing, it is recommended to follow a certain methodology.
In theory, footprinting or information gathering is divided into seven steps.
The steps, along with the best tools to perform them, are:
| Step | Title | Active/Passive | Common Tools |
|---|---|---|---|
| 1 | Information gathering | Passive | Netcraft, Whois, Nslookup |
| 2 | Determining network range | Passive | tracert, APNIC, ARIN |
| 3 | Identify active machines | Active | Ping, traceroute, Angry IP Scanner |
| 4 | Finding open ports | Active | Nmap, Zenmap, war dialers |
| 5 | OS fingerprinting | Active/passive | Nmap, ettercap, Nessus |
| 6 | Fingerprinting services | Active | FTP, Netcat, SSH, vulnerability scanners |
| 7 | Mapping the network | Active | Scapy, traceroute, VisualRoute |
Information Gathering
Gathering initial information about the target is the very first step in the footprinting process.
Collecting the different domain names associated with the target company, its name servers, IP addresses, etc. is the goal here.
A visit to the company’s website can provide us with a lot of useful information.
For example, a recent news item on their website might say that they have upgraded their systems to Windows 2012 and installed Cisco switches,
and that they have 4 nodes of access to the internet, which provides robust connectivity.
This alone provides us with a lot of information, such as the servers they run, the switches they use, and the number of nodes to target for a DDoS attack.
Checking out similar websites set up by disgruntled ex-employees can also give valuable insights about the company.
There are also tools for finding out more relevant information.
One of the most useful tools in the arsenal is Netcraft.
Netcraft is a UK-based website that tracks and collects details about almost every website on the internet.
Here is the link: www.netcraft.com.
A quick search about any website provides us with a host of useful information.
Here is an example of the results for Hackeroyale.com.
Clicking on the site report provides us with detailed information about the website.
Google dorks are also useful when trying to extract information about a website.
Determining network range
After getting the necessary information, such as names, email addresses, name servers and IP addresses, we now need to determine the network range or the subnet mask.
An IP address consists of two parts, a network portion and a host portion. Devices on the same network have the same network portion but different host portions.
A subnet mask is used to identify which part of an IP address is the network portion and which is the host portion.
Now let's discuss the tools for finding out the network ranges.
The easiest way to find the network range is to use the ARIN whois search.
The link is www.arin.net.
Here is the result for Hackeroyale’s IP.
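The split between network portion and host portion can be worked out from a whois-style first/last address range. The following Python is an added example, not part of the original article; the function names are hypothetical and the addresses are constructed from the RFC 5737 documentation range, not taken from a real whois result.

```python
import ipaddress

def describe_range(first, last, host):
    """Turn a first-last address range into CIDR blocks and split `host`
    into network and host portions for the block that contains it."""
    start, end = ipaddress.ip_address(first), ipaddress.ip_address(last)
    addr = ipaddress.ip_address(host)
    report = []
    for net in ipaddress.summarize_address_range(start, end):
        entry = {
            "cidr": str(net),
            "netmask": str(net.netmask),
            "addresses": net.num_addresses,
            "contains_host": addr in net,
        }
        if addr in net:
            # Network portion: bits kept by the mask. Host portion: the rest.
            network_bits = int(addr) & int(net.netmask)
            entry["network_portion"] = str(ipaddress.ip_address(network_bits))
            entry["host_portion"] = int(addr) & int(net.hostmask)
        report.append(entry)
    return report

def same_network(a, b, cidr):
    """Two devices are on the same network if both fall inside the block."""
    net = ipaddress.ip_network(cidr)
    return ipaddress.ip_address(a) in net and ipaddress.ip_address(b) in net

# Constructed sample: a range that does not align to a single CIDR block.
SAMPLE = describe_range("192.0.2.0", "192.0.2.191", "192.0.2.130")

if __name__ == "__main__":
    for block in SAMPLE:
        print(block)
```

A range that is not a power-of-two size, like this one, is covered by more than one CIDR block, which is why a single subnet mask cannot always describe a registered range.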
Identifying active machines
The next step is identifying the active machines in the target network.
A simple ping command can help us identify the active machines, but identifying each machine individually takes a lot of time.
We need to conduct a ping sweep for this.
There are several programs for conducting a ping sweep, but the one I recommend is Angry IP Scanner.
Here is the download link: http://angryip.org/download
We just need to put in the IP range and it identifies all the active machines.
There are a host of other features, like an open port scanner, web detect, MAC vendor detection, a MAC address fetcher, etc.
For now we will concern ourselves with the identification of active machines.
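A ping sweep has a recognisable shape in logs: one source sending ICMP echo requests to many different hosts in a short time. The following Python is an added example, not part of the original article, showing how that pattern can be detected; the log format, addresses, window and threshold are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def detect_ping_sweeps(lines, window=timedelta(seconds=10), threshold=10):
    """Return {source: max distinct destinations pinged inside any window}."""
    events = defaultdict(list)
    for line in lines:
        parts = line.split()
        # Assumed format: <ISO time> <src> <dst> <proto> <icmp type>
        if len(parts) != 5 or parts[3:] != ["ICMP", "echo-request"]:
            continue
        events[parts[1]].append((datetime.fromisoformat(parts[0]), parts[2]))

    flagged = {}
    for src, evs in events.items():
        evs.sort()
        in_window = defaultdict(int)  # destination -> echo requests in window
        start = best = 0
        for ts, dst in evs:
            in_window[dst] += 1
            # Slide the left edge until the window spans at most `window`.
            while ts - evs[start][0] > window:
                old = evs[start][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                start += 1
            best = max(best, len(in_window))
        if best >= threshold:
            flagged[src] = best
    return flagged

def sample_log():
    """Constructed log lines: one sweep, one monitoring host, one TCP line."""
    t0 = datetime(2024, 5, 1, 10, 0, 0)
    lines = []
    for i in range(30):  # sweep: 30 different hosts in about 6 seconds
        ts = (t0 + timedelta(milliseconds=200 * i)).isoformat()
        lines.append(f"{ts} 198.51.100.7 192.0.2.{i + 1} ICMP echo-request")
    for i in range(30):  # monitoring: the same host once per second
        ts = (t0 + timedelta(seconds=i)).isoformat()
        lines.append(f"{ts} 192.0.2.250 192.0.2.10 ICMP echo-request")
    lines.append(f"{t0.isoformat()} 198.51.100.9 192.0.2.10 TCP syn")
    return lines

SWEEPS = detect_ping_sweeps(sample_log())
```

Counting distinct destinations rather than packets keeps a monitoring host that pings one address repeatedly from being flagged. A sweep spread over a longer time than the window stays under the threshold, so the window has to be tuned to the network.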
Finding open ports and OS fingerprinting
After finding out the network range and the list of active machines, we can proceed to identify the open ports and access points, along with the OS the devices are running.
The process of identifying the OS is called OS fingerprinting.
There are two types of fingerprinting, active and passive, but for convenience we will discuss active fingerprinting with Nmap here.
One of the most common and useful port scanning tools is Nmap, although it is not the only one.
Here is the download link: https://nmap.org/download.html
Nmap is the most popular port scanning tool out there.
It can perform a wide array of scans, like TCP intense scan plus UDP port scan, TCP stealth scan, OS fingerprinting, etc., and can also load custom scripts.
Nmap also allows us to customize the speed of the scans.
Below is an example of the nmap command with the -h (help) option, to review some of its many switches.
```
C:\nmap-4.5>nmap -h
Nmap 4.5 Usage: nmap [Scan Type(s)] [Options] <host or net list>
Some Common Scan Types ('*' options require root privileges)
* -sS TCP SYN stealth port scan (default if privileged (root))
  -sT TCP connect() port scan (default for unprivileged users)
* -sU UDP port scan
  -sP ping scan (Find any reachable machines)
* -sF,-sX,-sN Stealth FIN, Xmas, or Null scan (experts only)
  -sV Version scan probes open ports determining service and app names/versions
  -sR/-I RPC/Identd scan (use with other scan types)
Some Common Options (none are required, most can be combined):
* -O Use TCP/IP fingerprinting to guess remote operating system
  -p <range> ports to scan. Example range: '1-1024,1080,6666,31337'
  -F Only scans ports listed in nmap-services
  -v Verbose. Its use is recommended Use twice for greater effect.
  -P0 Don't ping hosts (needed to scan www.microsoft.com and others)
* -Ddecoy_host1,decoy2[,...] Hide scan using many decoys
  -6 scans via IPv6 rather than IPv4
  -T <Paranoid|Sneaky|Polite|Normal|Aggressive|Insane> General timing policy
  -n/-R Never do DNS resolution/Always resolve [default: sometimes resolve]
  -oN/-oX/-oG <logfile> Output normal/XML/grepable scan logs to <logfile>
  -iL <inputfile> Get targets from file; Use '-' for stdin
* -S <your_IP>/-e <devicename> Specify source address or network interface
  --interactive Go into interactive mode (then press h for help)
  --win_help Windows-specific features
Example: nmap -v -sS -O www.my.com 192.168.0.0/16 '192.88-90.*.*'
```
When nmap is used for scanning, it displays all the open, closed or filtered ports along with the service name and protocol.
To use nmap, we run the nmap command with the preferred switch and the IP address.
We can also scan a range of IP addresses.
An example of its usage is given below, with the -sS switch for a stealthy TCP scan and the -O option for OS identification.
```
C:\nmap-4.5>nmap -sS -O 192.168.16.10
Starting nmap V. 4.5 by [email protected] ( www.insecure.org/nmap/ )
Interesting ports on (10.4.0.5):
(The 1514 ports scanned but not shown below are in state: closed)
Port       State       Service
21/tcp     open        ftp
80/tcp     open        http
135/tcp    open        loc-srv
139/tcp    open        netbios-ssn
443/tcp    open        https
1032/tcp   open        iad3
1521/tcp   open        ncube-lm
1526/tcp   open        pdap-np
1723/tcp   open        pptp
TCP Sequence Prediction: Class=trivial time dependency
                         Difficulty=2 (Trivial joke)
Remote operating system guess: Windows NT4 / Win95 / Win98
Nmap run completed -- 1 IP address (1 host up) scanned in 3 seconds
```
Here we can see that the device has 9 open ports, along with their respective services, and that it is a Windows machine.
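Scan output like the one above is most useful when it is compared with what a host is supposed to expose. The following Python is an added example, not part of the original article: it parses the port table and OS guess copied from that output and reports every open port missing from an approved baseline. The baseline and the function names are hypothetical.

```python
import re

# Port table and OS guess copied from the scan output shown above.
SCAN = """\
Port       State       Service
21/tcp     open        ftp
80/tcp     open        http
135/tcp    open        loc-srv
139/tcp    open        netbios-ssn
443/tcp    open        https
1032/tcp   open        iad3
1521/tcp   open        ncube-lm
1526/tcp   open        pdap-np
1723/tcp   open        pptp
Remote operating system guess: Windows NT4 / Win95 / Win98
"""

PORT_LINE = re.compile(
    r"^(\d+)/(tcp|udp)\s+(open|closed|filtered)\s+(\S+)", re.M)
OS_LINE = re.compile(r"^Remote operating system guess:\s*(.+)$", re.M)

def parse_scan(text):
    """Return ({(port, proto): service} for open ports, OS guess or None)."""
    ports = {(int(port), proto): service
             for port, proto, state, service in PORT_LINE.findall(text)
             if state == "open"}
    os_match = OS_LINE.search(text)
    return ports, (os_match.group(1).strip() if os_match else None)

def exposure_diff(text, approved):
    """Compare open ports with an approved baseline of (port, proto) pairs."""
    found, _ = parse_scan(text)
    return {
        "unexpected": {k: found[k] for k in sorted(found) if k not in approved},
        "missing": sorted(k for k in approved if k not in found),
    }

# Hypothetical baseline: this host is only meant to serve web traffic.
APPROVED = {(80, "tcp"), (443, "tcp")}
REPORT = exposure_diff(SCAN, APPROVED)

if __name__ == "__main__":
    for (port, proto), service in REPORT["unexpected"].items():
        print(f"unexpected open port {port}/{proto} ({service})")
```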
Service fingerprinting
In some of our previous scans, we saw that some ports and their associated services were open.
Even if we only knew which ports were open, the respective services could easily be identified by banner grabbing.
Banners can be grabbed simply by using telnet or FTP.
These are built into Windows and Linux systems.
By simply telnetting into the port we can see which type of service and which version of the software the device is running.
This is crucial information, as some of these services can be easily exploited if they are not updated or they run an older version of the software.
```
C:\>telnet 192.168.16.10 80
HTTP/1.1 400 Bad Request
Server: Microsoft-IIS/5.0
Date: Fri, 07 Jun 2017 22:22:04 GMT
Content-Type: text/html
Content-Length: 87

<html><head><title>Error</title></head><body>The parameter is incorrect. </body>
</html>

Connection to host lost
```
Here we can see the machine is running an IIS 5.0 server.
One of the easiest ways of banner grabbing is to use netcat, which is also called the Swiss army knife of hacking.
Netcat is available for both Windows and Linux.
If you are using the Windows command line, then typing nc -v -n IP_Address Port should do the trick.
More about netcat for reconnaissance and pentesting in the next articles of the series.
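Because a banner hands over the product and version for free, it is worth checking what your own services announce. The following Python is an added example, not part of the original article: it extracts product and version from already captured banners and lists the services that disclose a version. The IIS banner is the one shown above; the other two banners and all function names are constructed for illustration, and the check goes beyond HTTP to cover SSH identification strings as well.

```python
import re

HTTP_SERVER = re.compile(
    r"^Server:[ \t]*(?P<product>[^/\s]+)(?:/(?P<version>[\w.\-]+))?",
    re.I | re.M)
SSH_IDENT = re.compile(
    r"^SSH-[\d.]+-(?P<product>[^_\s]+)(?:_(?P<version>\S+))?", re.M)

def audit_banner(banner):
    """Extract product and version from one captured banner."""
    for kind, pattern in (("http", HTTP_SERVER), ("ssh", SSH_IDENT)):
        m = pattern.search(banner)
        if m:
            return {"kind": kind, "product": m["product"],
                    "version": m["version"],
                    "discloses_version": m["version"] is not None}
    return {"kind": "unknown", "product": None, "version": None,
            "discloses_version": False}

def disclosing_services(banners):
    """Return {name: 'product version'} for banners that reveal a version."""
    findings = {}
    for name, banner in banners.items():
        result = audit_banner(banner)
        if result["discloses_version"]:
            findings[name] = f'{result["product"]} {result["version"]}'
    return findings

BANNERS = {
    # Response headers copied from the telnet session shown above.
    "web-old": "HTTP/1.1 400 Bad Request\nServer: Microsoft-IIS/5.0\n"
               "Content-Type: text/html\n",
    # Constructed samples: a server configured to hide its version,
    # and an SSH identification string.
    "web-hardened": "HTTP/1.1 200 OK\nServer: nginx\nContent-Length: 0\n",
    "ssh": "SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.1\n",
}
FINDINGS = disclosing_services(BANNERS)

if __name__ == "__main__":
    for name, what in FINDINGS.items():
        print(f"{name}: banner reveals {what}")
```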
Mapping the network
Now we can finally map the network to provide us with the blueprint of the company.
We can use good old-fashioned traceroute or a more graphical and interactive tool.
One such tool is VisualRoute.
Here is the download link: http://www.visualroute.com/download.html
VisualRoute is a graphical tool for mapping a network.
It visually shows the route a packet has taken over the internet.
It also shows the geolocations of the points the packets have passed through, which is very convenient. Running it a couple of times can give us a pretty good idea of whether two systems are on the same network.
This was only an introduction to information gathering.
There are far more powerful tools which perform the functions of multiple tools simultaneously and almost automate the entire process.
Some of these tools will be elaborated on, and their usage discussed in detail, in the next articles of the series.
Till then, happy hunting.