search

Introduction To Information Gathering

hashtag
Information Gathering

Information gathering is the first step of any penetration test and involves gathering or collecting information about an individual, company, website or system that you are targeting.

hashtag
What is the first step in any penetration test that involves gathering or collecting information?

  • Information Gathering

    • The more information on your target, the more successful you will be during the latter stages of a penetration test.

hashtag
What type of information gathering involves gathering as much information as posible without actively engaging with the target?

  • Passive Information Gathering

hashtag
What type of information gathering involves gathering as much information as possible by actively engaging with the target system?

  • Active Information Gathering

hashtag
What involves utilizing publicly available information or resources to learn more about a website and more?

  • Passive information gathering

hashtag
Passive Information Gathering

  • Identifying IP Addresses and DNS information

  • Identifying domain names and domain ownership information

  • Identifying email addresses and social media profiles

  • Identifying web technologies being used on target sites

  • Identifying subdomains

hashtag
Active Information Gathering

  • Discovering open ports or target systems

  • Learning about the internal infrastructure of a target network/organization

  • Enumerating information from target systems

PreviousInformation GatheringNextPassive and Active Information Gathering

Last updated