Book Image

Reconnaissance for Ethical Hackers

By : Glen D. Singh
5 (1)
Book Image

Reconnaissance for Ethical Hackers

5 (1)
By: Glen D. Singh

Overview of this book

This book explores reconnaissance techniques – the first step in discovering security vulnerabilities and exposed network infrastructure. It aids ethical hackers in understanding adversaries’ methods of identifying and mapping attack surfaces, such as network entry points, which enables them to exploit the target and steal confidential information. Reconnaissance for Ethical Hackers helps you get a comprehensive understanding of how threat actors are able to successfully leverage the information collected during the reconnaissance phase to scan and enumerate the network, collect information, and pose various security threats. This book helps you stay one step ahead in knowing how adversaries use tactics, techniques, and procedures (TTPs) to successfully gain information about their targets, while you develop a solid foundation on information gathering strategies as a cybersecurity professional. The concluding chapters will assist you in developing the skills and techniques used by real adversaries to identify vulnerable points of entry into an organization and mitigate reconnaissance-based attacks. By the end of this book, you’ll have gained a solid understanding of reconnaissance, as well as learned how to secure yourself and your organization without causing significant disruption.

Related Content you might be interested in

Current Title:

Small book image
Reconnaissance for Ethical Hackers
Glen D. Singh
Aug, 2023 | 430 pages
Small book image
The Ultimate Kali Linux Book
Glen D Singh
Feb, 2022 | 742 pages
Small book image
Learn Kali Linux 2019
Glen D Singh
Nov, 2019 | 550 pages
Small book image
Hands-On Penetration Testing with Kali NetHunter
SeanPhilip Oriyano | Glen D Singh
Feb, 2019 | 302 pages
Table of Contents (15 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Disclaimer
Get in touch
Share your thoughts
Download a free PDF copy of this book
1
Part 1: Reconnaissance and Footprinting
Part 1: Reconnaissance and Footprinting
Free Chapter
2
Chapter 1: Fundamentals of Reconnaissance
Chapter 1: Fundamentals of Reconnaissance
What is ethical hacking?
The importance of reconnaissance
Understanding attack surface management
Reconnaissance tactics, techniques, and procedures
Summary
Further reading
3
Chapter 2: Setting Up a Reconnaissance Lab
Chapter 2: Setting Up a Reconnaissance Lab
Technical requirements
Lab overview and technologies
Setting up a hypervisor and virtual networking
Deploying Kali Linux
Deploying an OSINT virtual machine
Implementing vulnerable systems
Summary
Further reading
4
Chapter 3: Understanding Passive Reconnaissance
Chapter 3: Understanding Passive Reconnaissance
Technical requirements
Exploring passive reconnaissance
Fundamentals of OSINT
Concealing your online identity
Anonymizing your network traffic
Summary
Further reading
5
Chapter 4: Domain and DNS Intelligence
Chapter 4: Domain and DNS Intelligence
Technical requirements
Leveraging search engines for OSINT
Domain intelligence
Discovering sub-domains
DNS reconnaissance
Summary
Further reading
6
Chapter 5: Organizational Infrastructure Intelligence
Chapter 5: Organizational Infrastructure Intelligence
Technical requirements
Harvesting data from the internet
Discovering exposed systems
Collecting social media OSINT
Summary
Further reading
7
Chapter 6: Imagery, People, and Signals Intelligence
Chapter 6: Imagery, People, and Signals Intelligence
Technical requirements
Image and metadata analysis
People and user intelligence
Wireless signals intelligence
Summary
Further reading
8
Part 2: Scanning and Enumeration
Part 2: Scanning and Enumeration
9
Chapter 7: Working with Active Reconnaissance
Chapter 7: Working with Active Reconnaissance
Technical requirements
Active reconnaissance
Spoofing your identity on a network
Discovering live hosts on a network
Using evasion techniques
Enumerating network services
Wireless reconnaissance
Summary
Further reading
10
Chapter 8: Performing Vulnerability Assessments
Chapter 8: Performing Vulnerability Assessments
Technical requirements
The importance of vulnerability management
Working with Nessus
Using Greenbone Vulnerability Manager
Vulnerability discovery with Nmap
Summary
Further reading
11
Chapter 9: Delving into Website Reconnaissance
Chapter 9: Delving into Website Reconnaissance
Technical requirements
Collecting domain information
Sub-domain enumeration
Performing directory enumeration
Web application vulnerability
Web reconnaissance frameworks
Summary
Further reading
12
Chapter 10: Implementing Recon Monitoring and Detection Systems
Chapter 10: Implementing Recon Monitoring and Detection Systems
Technical requirements
Wireshark for ethical hackers
Monitoring and detection systems
Summary
Further reading
13
Index
Index
Why subscribe?
14
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share your thoughts
Download a free PDF copy of this book

Fundamentals of Reconnaissance

As an aspiring ethical hacker, penetration tester, or red teamer, reconnaissance plays an important role in helping cybersecurity professionals reduce organizations’ digital footprint on the internet. These digital footprints enable adversaries such as hackers to leverage publicly available information about a target to plan future operations and cyber-attacks. As more organizations and users are connecting their systems and networks to the largest network infrastructure in the world, the internet, access to information and the sharing of resources are readily available to everyone. The internet has provided the platform for many organizations to extend their products and services beyond traditional borders to potential and new customers around the world. Furthermore, people are using the internet to enroll and attend online classes, perform e-commerce transactions, operate online businesses, and communicate and share ideas with others.

Nowadays, using the internet is very common for many people. For instance, if an organization is looking to hire an employee to fill a new or existing role, the recruiter simply posts the job vacancy with all the necessary details that are needed for an interested candidate. This enables anyone with internet access to visit various job forums and recruiting websites to seek new career opportunities and easily submit an application via the online platform. Information that’s posted and available online enables adversaries to collect and leverage specific details about the targeted organization. Such details help hackers to determine the type of network infrastructure, systems, and services that are running on the internal network of a company without breaking in. This book will teach you all about how threat actors and ethical hackers are able to leverage publicly available information in planning future operations that lead to a cyber-attack.

During the course of this chapter, you will gain a solid understanding of the importance of reconnaissance from both an adversary and cybersecurity professional’s perspective, and why organizations need to be mindful when connecting their systems and network to the internet. Furthermore, you will learn the fundamentals of attack surface management, why it’s important to organizations, and how cybersecurity professionals use it to reduce the risk of a possible cyber-attack on their networks. Lastly, you will discover the tactics, techniques, and procedures that are commonly used by threat actors, adversaries, ethical hackers, and penetration testers during the reconnaissance phase of an attack.

In this chapter, we will cover the following topics:

  • What is ethical hacking?
  • Importance of reconnaissance
  • Understanding attack surface management
  • Reconnaissance tactics, techniques, and procedures

Let’s dive in!

Previous Section
End of Section 1
Next Section