Skip to content

Latest commit

 

History

History
92 lines (58 loc) · 2.96 KB

README.md

File metadata and controls

92 lines (58 loc) · 2.96 KB

Reconnaissance

Reconnaissance is gathering information about a target system or network, to identify vulnerabilities that could be exploited. This process is also known as Footprinting or Information Gathering.

A Passive Reconnaissance Techniques Approach.

  1. Visit the target website for manual

    Employee information

    • Names

    • Job titles

    • Responsibilities

    Contact information

    • Physical addresses

    • Email Address

    • Phone numbers

  2. To find how search engines crawl a website, webmasters can use both the robots.txt file and the sitemap file.

  3. Source code Review.

    • Comments
    • Backend Language
    • Scripts
    • External resources
    • Metadata

  4. Web Archive.

    • External resources
    • Website structure
    • Website functionality
    • Website Traffic
    • Website history

  5. Web technology.

    • Server-side scripting language Information.
    • Operating System Information.
    • System architecture
    • Web server software Information.

  6. Whois Lookup.

    • Whois
    • Reverse Whois
    • Whois History

  7. IP lookup.

    • IP To Location.
    • IP History.
    • IP Tracroute
    • Reverse IP lookup.

  8. Searching Shodan.

  9. Google Doarkin.

  10. Git Recon.

  11. OSINT Framework.

  12. People Searches

  13. IP logger

  14. Email Tracking OR Spoofing

  15. Call Spoofing

  16. Online Jos listings

  17. Technical Support Forums

  18. Blog, Forums

  19. Social Media profile

  20. Google Alerts.