Chapter 4. Intelligence Gathering
Actionable information is the key to success when performing a penetration test. The amount of public data that is available on the Internet is staggering, and sifting through it all to find useful information can be a daunting task. Luckily, there are tools available that assist in gathering and sorting through this wealth of knowledge. In this chapter, we will be reviewing some of these tools and focus on how to use the information to ensure your penetration tests are efficient, focused, and effective. Key topics covered include:
- What is reconnaissance and why do we need it?
- Reconnaissance types
- Using DNS to quickly identify potential targets
- Using search engines data
- Using metadata to your advantage