In this chapter, we focused on basic methods and tools penetration testers use to glean information about the networks they target during security assessments.

The chapter started off by demonstrating the Whois tool and covered tips and tricks one can use to automate the whois tool as well as do very rewarding look ups and integrate the output from Whois with other useful tools. We then moved on to the DNS protocol and covered tools available from the Kali Linux command line that can be used to gain information from DNS servers about a specific target. We specifically discussed dig and dnsmap. After this, we covered how to enumerate targets on a local network by making use of the light-weight addressing protocols commonly used in networks. ...