Book Image

Reconnaissance for Ethical Hackers

By : Glen D. Singh
5 (1)
Book Image

Reconnaissance for Ethical Hackers

5 (1)
By: Glen D. Singh

Overview of this book

This book explores reconnaissance techniques – the first step in discovering security vulnerabilities and exposed network infrastructure. It aids ethical hackers in understanding adversaries’ methods of identifying and mapping attack surfaces, such as network entry points, which enables them to exploit the target and steal confidential information. Reconnaissance for Ethical Hackers helps you get a comprehensive understanding of how threat actors are able to successfully leverage the information collected during the reconnaissance phase to scan and enumerate the network, collect information, and pose various security threats. This book helps you stay one step ahead in knowing how adversaries use tactics, techniques, and procedures (TTPs) to successfully gain information about their targets, while you develop a solid foundation on information gathering strategies as a cybersecurity professional. The concluding chapters will assist you in developing the skills and techniques used by real adversaries to identify vulnerable points of entry into an organization and mitigate reconnaissance-based attacks. By the end of this book, you’ll have gained a solid understanding of reconnaissance, as well as learned how to secure yourself and your organization without causing significant disruption.
Table of Contents (15 chapters)
Part 1: Reconnaissance and Footprinting
Part 2: Scanning and Enumeration

Collecting domain information

As an ethical hacker, collecting the Domain Name System (DNS) information and IP addresses and determining the backend infrastructure helps you to better understand the attack surface and attack vectors of a target. For instance, if you’re performing an external network penetration test or Open Source Intelligence (OSINT) penetration test on an organization, finding the target’s domain and website are good starting points. A domain name can lead you to discover the website and the sub-domains and IP addresses assigned to servers owned by the target.

This section focuses on using various tactics and techniques to retrieve the IP addresses, discovering any infrastructure details, and running web technologies on a target’s web server and domain.

Retrieving IP addresses

By retrieving the IP addresses of a target domain and its sub-domain, ethical hackers are able to map the external network topology and identify potential security...