- Gathering Information on Your Targets
- Infrastructure
- Fingerprinting Frameworks and Applications
- Fingerprinting Custom Applications
- Enumerating Resources
- Information Disclosure Through Misconfiguration
- Google Hacking
- Shodan HQ
What is Information Gathering?
- The initial phase of any penetration test is information gathering: collecting data about the individual, company, website, or system that is the target of the assessment.
- Success in the later stages of a penetration test is closely linked to how much information was gathered about the target: the more comprehensive the data collected, the higher the chances of success.
- Information gathering can be categorized into two main types: passive and active.
{% content-ref url="https://app.gitbook.com/s/PNcjhcAuvH4mlZKYrNu3/readme/assessment-methodologies-and-auditing/1.1-information-gathering" %} 1.1 Information Gathering {% endcontent-ref %}
{% content-ref url="https://app.gitbook.com/s/PNcjhcAuvH4mlZKYrNu3/readme/assessment-methodologies-and-auditing/1.2-footprinting-and-scanning" %} 1.2 Footprinting & Scanning {% endcontent-ref %}
{% content-ref url="https://app.gitbook.com/s/iS3hadq7jVFgSa8k5wRA/practical-ethical-hacker-notes/main-contents/2-footprinting-and-recon" %} 2 - Footprinting & Recon {% endcontent-ref %}
{% content-ref url="https://app.gitbook.com/s/PNcjhcAuvH4mlZKYrNu3/readme/assessment-methodologies-and-auditing/1.3-enumeration" %} 1.3 Enumeration {% endcontent-ref %}