Information Gathering

• Information Gathering is also called as " reconnaissance "
• In Information Gathering we have two categories
  1. Active Information Gathering
  2. Passive Information Gathering
• Information gathering is the first step of any penetration test and involves gathering or collecting information about an individual, company, website or system that you are targeting.
• Passive information gathering - Involves gathering as much information as possible without actively engaging with the target.
• Active information gathering - Involves gathering as much information as possible by actively engaging with the target system. (You will require authorization in order to perform active information gathering)

1. Passive Information Gathering :

• Identifying IP addresses & DNS information.
• Identifying domain names and domain ownership information.
• Identifying email addresses and social media profiles.
• Identifying web technologies being used on target sites.
• Identifying subdomains.

2. Active Information Gathering :

• Discovering open ports on target systems.
• Learning about the internal infrastructure of a target network/organization.
• Enumerating information from target systems

Next : Passive Information Gathering
Home : Satvik's Hacking Garden