You should learn as much as possible about a target's environment and system traits prior to launching an attack. The more information you can identify about a target, the better chance you have to identify the easiest and fastest path to success.

Black box testing requires more reconnaissance than White box testing, since data is not provided about the target(s). Reconnaissance services can include researching a target's Internet footprint; monitoring resources, people, and processes; scanning for network information such as IP addresses and system types; and social engineering public services such as the help desk, among other means.

Reconnaissance is the first step of a Penetration Testing service engagement, regardless of whether you are verifying known information or seeking new intelligence on a target.

Kali Linux offers a category labeled Information Gathering that serves as a Reconnaissance resource. Tools include methods to research network, data center, wireless, and host systems.

The following is the list of Reconnaissance goals:
- Identify target(s)
- Define applications and business use
- Identify system types
- Identify available ports
- Identify running services
- Passively social engineer information
- Document findings