Chapter 6. Information Gathering
All the business of war, and indeed all the business of life, is to endeavour to find out what you don't know from what you do.
—Arthur Wellesley, 1st Duke of Wellington -September 4th 1852
This chapter discusses the various means of obtaining and analyzing information and intelligence. This chapter covers the following topics:
Where to find information and what to look for.
How to perform forensic analysis on electronic media.
How to understand the value of what people throw away.
How to approach photographic intelligence gathering.
How to perform electronic surveillance.
How to perform covert surveillance.
Each requires a different approach and skill set. It is not always necessary to employ all of the techniques detailed in this chapter in every physical penetration test you perform. However, you should ensure that you become fluent in all of them. For example, the first time you enter a target facility at night is not the best time to learn how to use infrared film nor should the first time you acquire discarded digital media be the first time you experiment with forensic acquisition.
In a book of this nature, which by necessity must cover a range of subjects, it is not always possible to give as much attention as one would like to each individual subject. My intention with this chapter is to make you think in a different way about security – to put yourself in the position of the attacker. Only by doing so can you really appreciate the range of ...
Get Unauthorised Access: Physical Penetration Testing For IT Security Teams now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
