Reconnaissance is the first step of the penetration testing. There are two ways to perform reconnaissance: Passive and Active.
Passive reconnaissance is finding out information about the target within engaging with their network and finding available information about the target from that are available online or to public (Rouse, 2012). Active reconnaissance is finding out information about the target by engaging with its network.
Passive reconnaissance can be perform to find out information such as their email address, their system information using whois or Arin or any other different tools. Google hacking technique can be also used to find out information about the company. Active reconnaissance ca be performed using Nmap. Nmap can be used to find out about the open ports within their network.
References:
Rouse, M. 2012. Passive reconnaissance. Retrieved from: https://whatis.techtarget.com/definition/passive-reconnaissance#:~:text=Passive%20reconnaissance%20is%20an%20attempt,determine%20find%20any%20open%20ports.
Leave a Reply
You must be logged in to post a comment.