Narsty
2.9 KiB
2.9 KiB
Reconnaissance
Welcome to the Reconnaissance repository!
This repository is dedicated to the topic of Reconnaissance in cybersecurity. It provides information, resources, and tools related to various aspects of Reconnaissance.
Introduction
Reconnaissance is the process of gathering information and intelligence about a target, typically used in cybersecurity to assess vulnerabilities and plan targeted attacks. This repository aims to educate and provide resources about the different aspects of Reconnaissance.
Types of Reconnaissance
- Passive Reconnaissance: This involves gathering information without directly interacting with the target. It includes techniques like open-source intelligence (OSINT) gathering, analyzing publicly available information, and searching for vulnerabilities.
- Active Reconnaissance: In this phase, an attacker engages with the target system to gather information actively. It may include techniques like port scanning, vulnerability scanning, and network mapping.
- Social Engineering: Reconnaissance can also involve social engineering techniques to gather information from individuals or organizations. This includes methods like phishing, pretexting, and impersonation.
Tools
- Nmap: A powerful network scanning tool used for port scanning and network mapping.
- Recon-ng: A full-featured reconnaissance framework that provides various modules for data gathering and OSINT.
- theHarvester: A tool for gathering emails, subdomains, hosts, employee names, open ports, and more.
- Shodan: A search engine for internet-connected devices, useful for finding vulnerable systems and exposed services.
- Gobuster: A tool used for directory and DNS busting during reconnaissance.
These are just a few examples of tools used in reconnaissance. Remember to always use these tools responsibly and legally, respecting the privacy and security of others.
Resources
Here are some additional resources to learn more about Reconnaissance: