Reconnaissance

The Reconnaissance phase is the most important phase of all. This phase is all about information-gathering about the target; the more information a penetration tester has about a target, the easier it is to exploit it. During this phase, the following are usually conducted:

• Usages of search engines such as Yahoo, Bing, and Google
• Searches on social networking websites about the company and employees (past and present)
• Performing Google hacking techniques to gather more precise information about the target
• Using various tools to perform footprinting of the target’s website
• Performing Domain Registry information gathering about the target
• Direct and indirect social engineering