techspecspro.com

Reconnaissance and it’s importance for hackers Part 1

Disclammer: All the information bout Reconnaissance given in this blog is for educational and ethical purposes only please don’t misuse it.
Read our terms and conditions for further information.
Read our privacy policy how data is collected.

Reconnaissance and it's importance for hackers Part 1

The process of gathering information about the target system, network, or orginazation to understand it’s structure and identify vulnerabilities is reconnaissance.

Why Reconnaissanceis is important in cyber security?

Recon helps ethical and malicius hackers to gather information to understand the target system weakneses and vulnerabilities.

White hat hackers identify potent security breaches or weakness in system to safe it from black hat hackers.

Black hat hackers gather sensitive information like passwords, persnol data and system wekneses like open ports etc.

General Cybersecurity Reconnaissance Concept

Types of Reconnaissance

Two main types of Reconnaissance:

  • Active Recon
  • Passive Recon

Passive Recons:

Gathering of publically availible information about the target system without the direct interaction like checking a company’s website or looking at someone’s social media profile etc. In this method the target system did not know anything about the hackers. this method is very safe and helpful for black hat hackers.in the passive recon you are like a ghost and only public data is used like search engines and social media profiles.

Active Recon:

Direct interaction with the targeted system like scanning of ports on a particular website that which port is open. in this way the recon gather detalied information about the targeted system. Ping commands are used if the system is online and maps are scan to discover open ports and services. this method provides veryu deep analysis but this method is risky for a black hat hacker because they are likely to leve the logs and target system might detect hackers activity. Nmap, Ping, Tracurate are mainly used by active hackers.

When to Active or Passive recon?

Both hackers start generally with Passive recon to remain stealth and gather surface level information. Once the ethical hackers get the proper authorization they move to active recon and get deeper analysis.

Which Type of information can be gathered by Reconnaissance

Whether we are performing active or passive recon the thing is that what kind of data is we are collecting and looking for and how it can be useful for us.
All the types of Data we collect are given below.

  • Network Information
  • Domain Information
  • Persnol Information
  • System information
  • Sensitive files and meta data
Data Collected in Reconnaissance

Network Information:

  1. Ip addresses
  2. open port and the services which are running on it
  3. The structure of network

Domain Information:

  1. Ownership Detailes
  2. Hidden subdomains which are not publically visible
  3. DNS Record like mail server or website location
Domain Information in reconniassance

Persnonal Information:

  1. Name and role within an orginazation
  2. Social media activity and online behavoiurs
  3. Email addreses and phone numbers

System Information:

  1. Type of Operating system
  2. Types of software and their versions
  3. Weak points like default settings and outdated softwares

Sensitive Files and Meta Data:

  1. Documents or spreadsheets lefted online
  2. Meta dat show the creation of files and last edit
  3. Breached credentials which are availible on the internet
sensitive files and meta data collection in reconniassance

Gathering of information during Reconnaissance is about more that just one category. it’s all about building comprehensive understanding of our target . whether we are performing active or passive recon it help us to get the target information. ethical hackers mostly start with with passive recon because we have already discussed that it is safe once they get the proper authorization they go ahead and start with active recon. active recon is more detailed because it give the system weaknes information.

please ignore below:

Hashtags:

cybersecurity #ethicalhacking #cyberthreats #infosec #dataprotection #onlinesecurity #cyberreconnaissance #passivereconnaissance #activereconnaissance #cyberIntelligence #threathunting #pentesting
hacking #osint #networksecurity #cyberawareness #cyberdefense #ethicalhacker reconnaissance #cyberreconnaissance #recon #cyberrecon #infogathering #datacollection

if you want to perform ethical hacking and start free courses visit this link now
hackwithhusnain

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *