Learn Penetration Testing

Passive information gathering

Passive information gathering is commonly referred to as Open Source Intelligence (OSINT). When you're performing passive information gathering, the main aim is to collect as much information about the target as possible without alerting the target. In the passive information gathering phase, you will draw on publicly available information using a number of tools and third-party databases. You will be surprised at how much information you can gain from publicly accessible resources.

Common passive information gathering techniques are as follows:

  • Investigating DNS records to find mail server details, subdomains, and more
  • Using crafted searches on search engines to discover information, such as files
  • Discovering internet-connected devices
  • Using tools to obtain information, such as email addresses

The OSINT framework aims to collect information from freely available resources. A good online resource that I encourage you to look at is https://osintframework.com.

Let's do some information gathering by using something that is rife with information—the internet.