Reconnaissance
This is the most important step in hacking, and maybe we are going to spend 70% of our time in this step.
Very basic: in this step we get the company information: the web server they are using, physical location, year founded, officers of the company, whether they have any more branches, and press releases.
Basic things: here you analyse what operating systems (Windows or Linux, and their versions as well) they are using and what web server they are using (IIS, Apache, FreeBSD, and their versions as well).
Performing queries: here my goal is to get information about the underlying network, DNS server, IP range, web server on whois, etc.
TYPES of recon:
active: means accessing data using social engineering skills.
passive: means using internet sources like the Wayback Machine or whois, etc.
internet: using the internet; similar to passive, but Google hacking comes in this category.
anonymous: anonymously accessing data such that they can't track you.
organisation / private: information gathering from email services comes in this category.
GOALS OF RECON
network information
external domain:
internal domain:
IP addresses:
unmonitored/private websites:
TCP / UDP services they are using:
IDS / access controls:
VPN info:
phone nos. / VoIP:
tools used:
search engines: like Google, Bing, Lycos. Don't just stick to the first three pages of results; go beyond that, because you can find some historical data there. Also, don't just stick to Google only; use Lycos as well.