Narsty
52 lines
2.9 KiB
Markdown
52 lines
2.9 KiB
Markdown
|
|
<div align="center">
|
|
<img src="https://botanicalpaperworks.com/wp-content/uploads/legacy/EarthBanner.jpg" alt="Top Image">
|
|
</div>
|
|
|
|
<h1 align="center"><u>Reconnaissance</u></h1>
|
|
|
|
<h4 align="center">
|
|
<p>Welcome to the Reconnaissance repository!</p>
|
|
|
|
<p>This repository is dedicated to the topic of Reconnaissance in cybersecurity. It provides information, resources, and tools related to various aspects of Reconnaissance.</p>
|
|
</h4>
|
|
|
|
|
|
## Introduction
|
|
|
|
<p>Reconnaissance is the process of gathering information and intelligence about a target, typically used in cybersecurity to assess vulnerabilities and plan targeted attacks. This repository aims to educate and provide resources about the different aspects of Reconnaissance.</p>
|
|
|
|
## Types of Reconnaissance
|
|
|
|
<h4>
|
|
<ol>
|
|
<li>Passive Reconnaissance: This involves gathering information without directly interacting with the target. It includes techniques like open-source intelligence (OSINT) gathering, analyzing publicly available information, and searching for vulnerabilities.</li>
|
|
<li>Active Reconnaissance: In this phase, an attacker engages with the target system to gather information actively. It may include techniques like port scanning, vulnerability scanning, and network mapping.</li>
|
|
<li>Social Engineering: Reconnaissance can also involve social engineering techniques to gather information from individuals or organizations. This includes methods like phishing, pretexting, and impersonation.</li>
|
|
</ol>
|
|
</h4>
|
|
|
|
## Tools
|
|
|
|
<h4>
|
|
<ul>
|
|
<li><a href="https://nmap.org/">Nmap</a>: A powerful network scanning tool used for port scanning and network mapping.</li>
|
|
<li><a href="https://github.com/lanmaster53/recon-ng">Recon-ng</a>: A full-featured reconnaissance framework that provides various modules for data gathering and OSINT.</li>
|
|
<li><a href="https://github.com/laramies/theHarvester">theHarvester</a>: A tool for gathering emails, subdomains, hosts, employee names, open ports, and more.</li>
|
|
<li><a href="https://www.shodan.io/">Shodan</a>: A search engine for internet-connected devices, useful for finding vulnerable systems and exposed services.</li>
|
|
<li><a href="https://github.com/OJ/gobuster">Gobuster</a>: A tool used for directory and DNS busting during reconnaissance.</li>
|
|
</ul>
|
|
</h4>
|
|
|
|
<p>These are just a few examples of tools used in reconnaissance. Remember to always use these tools responsibly and legally, respecting the privacy and security of others.</p>
|
|
|
|
## Resources
|
|
|
|
<p>Here are some additional resources to learn more about Reconnaissance:</p>
|
|
|
|
<h4>
|
|
<ul>
|
|
<li><a href="https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470">The Web Application Hacker's Handbook</a> by Dafydd Stuttard and Marcus Pinto</li>
|
|
<li><a href="https://osintframework.com/">OSINT Framework</a>: A collection of various tools and resources for OSINT.</li>
|
|
<li><a href="https://owasp.org/www-project-top-ten/">OWASP Top Ten Project</a>: A list of the top ten most critical web application security risks
|