上QQ阅读APP看书,第一时间看更新
Reconnaissance objectives
- Target background: What is the focus of the target's business?
- Target's associates: Who are the business partners, vendors, and customers?
- Target's investment in security: Are security policies advertised? What is the potential investment security, and user security awareness?
- Target's business and security policies: How does the business operate? Where are the potential weaknesses in operation?
- Target's people: What type of people work there? How can they become your asset for the attack?
- Define targets: What are the lowest hanging fruit targets? What should be avoided?
- Target's network: How do the people and devices communicate on the network?
- Target's defenses: What type of security is in place? Where is it located?
- Target's technologies: What technologies are used for e-mail, network traffic, storing information, authentication, and so on? Are they vulnerable?
Kali Linux contains an extensive catalog of tools titled Information Gathering specified for Reconnaissance efforts. It could fill a separate book to cover all tools and methods offered for Information Gathering. This chapter will focus on various web application Reconnaissance topics and relate the best tools found on the Internet as well as that offered by Kali Linux.