Book Image

Reconnaissance for Ethical Hackers

By : Glen D. Singh
5 (1)
Book Image

Reconnaissance for Ethical Hackers

5 (1)
By: Glen D. Singh

Overview of this book

This book explores reconnaissance techniques – the first step in discovering security vulnerabilities and exposed network infrastructure. It aids ethical hackers in understanding adversaries’ methods of identifying and mapping attack surfaces, such as network entry points, which enables them to exploit the target and steal confidential information. Reconnaissance for Ethical Hackers helps you get a comprehensive understanding of how threat actors are able to successfully leverage the information collected during the reconnaissance phase to scan and enumerate the network, collect information, and pose various security threats. This book helps you stay one step ahead in knowing how adversaries use tactics, techniques, and procedures (TTPs) to successfully gain information about their targets, while you develop a solid foundation on information gathering strategies as a cybersecurity professional. The concluding chapters will assist you in developing the skills and techniques used by real adversaries to identify vulnerable points of entry into an organization and mitigate reconnaissance-based attacks. By the end of this book, you’ll have gained a solid understanding of reconnaissance, as well as learned how to secure yourself and your organization without causing significant disruption.

Related Content you might be interested in

Current Title:

Small book image
Reconnaissance for Ethical Hackers
Glen D. Singh
Aug, 2023 | 430 pages
Small book image
The Ultimate Kali Linux Book
Glen D Singh
Feb, 2022 | 742 pages
Small book image
Learn Kali Linux 2019
Glen D Singh
Nov, 2019 | 550 pages
Small book image
Hands-On Penetration Testing with Kali NetHunter
SeanPhilip Oriyano | Glen D Singh
Feb, 2019 | 302 pages
Table of Contents (15 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Disclaimer
Get in touch
Share your thoughts
Download a free PDF copy of this book
1
Part 1: Reconnaissance and Footprinting
Part 1: Reconnaissance and Footprinting
Free Chapter
2
Chapter 1: Fundamentals of Reconnaissance
Chapter 1: Fundamentals of Reconnaissance
What is ethical hacking?
The importance of reconnaissance
Understanding attack surface management
Reconnaissance tactics, techniques, and procedures
Summary
Further reading
3
Chapter 2: Setting Up a Reconnaissance Lab
Chapter 2: Setting Up a Reconnaissance Lab
Technical requirements
Lab overview and technologies
Setting up a hypervisor and virtual networking
Deploying Kali Linux
Deploying an OSINT virtual machine
Implementing vulnerable systems
Summary
Further reading
4
Chapter 3: Understanding Passive Reconnaissance
Chapter 3: Understanding Passive Reconnaissance
Technical requirements
Exploring passive reconnaissance
Fundamentals of OSINT
Concealing your online identity
Anonymizing your network traffic
Summary
Further reading
5
Chapter 4: Domain and DNS Intelligence
Chapter 4: Domain and DNS Intelligence
Technical requirements
Leveraging search engines for OSINT
Domain intelligence
Discovering sub-domains
DNS reconnaissance
Summary
Further reading
6
Chapter 5: Organizational Infrastructure Intelligence
Chapter 5: Organizational Infrastructure Intelligence
Technical requirements
Harvesting data from the internet
Discovering exposed systems
Collecting social media OSINT
Summary
Further reading
7
Chapter 6: Imagery, People, and Signals Intelligence
Chapter 6: Imagery, People, and Signals Intelligence
Technical requirements
Image and metadata analysis
People and user intelligence
Wireless signals intelligence
Summary
Further reading
8
Part 2: Scanning and Enumeration
Part 2: Scanning and Enumeration
9
Chapter 7: Working with Active Reconnaissance
Chapter 7: Working with Active Reconnaissance
Technical requirements
Active reconnaissance
Spoofing your identity on a network
Discovering live hosts on a network
Using evasion techniques
Enumerating network services
Wireless reconnaissance
Summary
Further reading
10
Chapter 8: Performing Vulnerability Assessments
Chapter 8: Performing Vulnerability Assessments
Technical requirements
The importance of vulnerability management
Working with Nessus
Using Greenbone Vulnerability Manager
Vulnerability discovery with Nmap
Summary
Further reading
11
Chapter 9: Delving into Website Reconnaissance
Chapter 9: Delving into Website Reconnaissance
Technical requirements
Collecting domain information
Sub-domain enumeration
Performing directory enumeration
Web application vulnerability
Web reconnaissance frameworks
Summary
Further reading
12
Chapter 10: Implementing Recon Monitoring and Detection Systems
Chapter 10: Implementing Recon Monitoring and Detection Systems
Technical requirements
Wireshark for ethical hackers
Monitoring and detection systems
Summary
Further reading
13
Index
Index
Why subscribe?
14
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share your thoughts
Download a free PDF copy of this book

Preface

Cybersecurity is one of the most interesting topics and demanding fields in the world. As the world continues to evolve, the same can be said for our technological advances to help humans improve the way they perform tasks. However, there are many systems and networks around us that contain hidden security weaknesses that are taken advantage of by adversaries such as hackers. As a cybersecurity author and lecturer, I’ve heard from many professionals, enthusiasts, and students about the importance of finding a book that guides the reader to thoroughly understand how to efficiently perform reconnaissance techniques and procedures to identify and reduce the attack surface of their organizations.

Reconnaissance is the first phase of any cyber-attack performed by an adversary. The attacker needs to understand the infrastructure of the target, identify whether any security vulnerabilities exist and how to exploit them, and what attack vectors can be used to carry out the attack on the target. Without such intelligence about the target, the hacker will experience difficulties in compromising the potential victim. As an aspiring ethical hacker, it’s essential to understand the Tactics, Techniques, and Procedures (TTPs) that are commonly used by real hackers to discover hidden security vulnerabilities and apply those TTPs to help improve the cyber defenses of your organization.

Organizations commonly leak too much sensitive data about themselves on the internet without realizing how such data can be leveraged by a threat actor in planning a future attack on their target. Learning reconnaissance-based techniques and procedures helps ethical hackers to identify how organizations are leaking data, determine the potential impact and cyber-risk to an organization if an attacker were to leverage the leaked data to execute a cyber-attack, and how to mitigate and implement countermeasures to improve the cyber defenses of the company.

Over the years, I’ve researched and developed a lot of cybersecurity-related content, and one of the most important elements of being an ethical hacker and penetration tester is the need to keep up to date with the ever-changing cybersecurity landscape. There are new tools, techniques, and procedures that are being developed and used by cybersecurity professionals in the industry to ensure they are at least one step ahead of cyber-criminals and help secure their organizations’ assets. As a result, ethical hackers and penetration testers need to be well equipped with the latest knowledge, techniques, skills, and tools to efficiently perform reconnaissance-based attacks and Open Source Intelligence (OSINT) penetration testing to determine the attack surface of their organization.

During the writing process of this book, I’ve used a student-centric and learner-friendly approach to ensure all readers are able to easily understand the most complex topics, terminologies, and why there is a need to identify security vulnerabilities in organizations, systems, and networks.

This book begins by introducing you to the importance of reconnaissance and how both cybersecurity professionals and adversaries use it to identify vulnerable points of entry in a company. Then, you’ll be taken through an exciting journey learning how to apply reconnaissance-based TTPs that are commonly used by adversaries to efficiently collect and analyze publicly available data to create a profile about their targets’ systems and network infrastructure. You will learn how to set up a sock puppet and anonymize your internet-based traffic to conceal your identity as an ethical hacker to reduce your threat level during reconnaissance assessments.

Furthermore, you’ll discover how people and organizations are leaking data about themselves and how adversaries can leverage it to improve their cyber-attacks and threats. You’ll also learn how to leverage OSINT and common tools to identify exposed systems and networks within organizations, gather leaked employees’ credentials, and perform wireless signals intelligence to better understand how a potential hacker can compromise their targets.

In addition, you will gain hands-on skills in performing active reconnaissance to identify live systems, open ports, running services, and operating systems, and perform vulnerability assessments to identify how an attacker can identify security vulnerabilities on a system and what organizations can do to mitigate the threat. Furthermore, you’ll learn how to identify the attack surface of a target’s website and infrastructure and discover additional assets owned by the same target. Lastly, you’ll discover how to leverage Wireshark and popular open source tools to identify reconnaissance-based attacks and threats on a network as a cybersecurity professional.

Upon completing this book, you’ll have been taken on an amazing journey from beginner to expert by learning, understanding, and developing your reconnaissance-based skills in ethical hacking and penetration testing as an aspiring cybersecurity professional in the industry.

Previous Section
Next Section