In Information Security, Reconnaissance or Footprinting or Information Gathering, is the most basic and first step, any hacker/attacker will take, if he wants to launch a systematic computer security attack. This process involves gathering of information about the target from every way possible, to reach a stage which could give him pointers to launch attack. Attacker always like to attack the weakest link which can be in form of an individual, service, configuration, device etc. Careful observation and analysis of these collected data can help attacker to decide attack scope and build strategy around it.
From Ethical Hackers/Security Testers prospect
Reconnaissance or Information Gathering is one of the first and initial step which any Ethical Hacker or Security Professional takes from Security Testing point of view. Information gathering process not only helps him to understand his target in better way but can also reveal his scope of testing and area where he needs to focus more from vulnerabilities point of view.
Traditionally, in security testing, information gathering (also known as Footprinting) is limited to discovery of IP address/Range, Server types, ports and services. But careful examination of gathered facts and details can also reveal data in form of internal corporate structure, management and process details, domain directory structures, sensitive files, configurations, databases, internal zero-day errors, contact information, application insights, vendor and client details and much more. If Social Engineering is in testing scope, Security reconnaissance may provide easy and detailed information required to bypass counter-checks at target’s end.
Passive Ethical Hacking is one of the trending security domain, as careful examination and manipulation of publicly available information can reveal much detailed insights and sensitive information, which traditionally requires lot of effort and active testing. Like, we may need to send number of network packets, run different analysis tools etc to get details on Network/Perimeter Firewall type. This information can easily be obtained from Internal or Public Job portal, if target has posted related job-opening. In-order to get exact and matching skill-sets, companies casually post some sensitive insights and details. Or, if we know some details of existing or old employees, either their resume posted on public job portals or their profile in Social Media will reveal tons of much desired details.
This course provides details of different active and passive information gathering tools and techniques. Some of the areas in Passive Ethical Hacking are also presented with help of dedicated video demonstration as proof-of-concept of the topic.
Google is one of the most widely used and popular search engine. In order to make themselves publicly available, domains or websites, allow it to crawl on its pages and directory structure. Effective utilization of search operators not only helps in refining desired and appropriate result, but sometimes it may also reveal sensitive information in form of hidden pages, directories, files, documents, configurations etc. Google Hacking is a trendy term given to this process. Worst part is, all of this is done within ethical limits as all of this information or data is available in public although without target’s concise.
This course provides details on popularly used Google search operators and their advanced usage from Google Hacking point of view.
Reconnaissance Penetration Test or Recon Pentest is another trending domain and is getting popular as separate branch in Information Security Testing. Just like any other Security Testing process, this test is performed by an organization on itself to check its security systems. However, it mainly aims at flaws and vulnerabilities of the system which could cause or provide possibility of data leakage from publically or easily available sources. Although Reconnaissance or Footprinting is already present as first step in any Ethical hacking process, its scope is limited and objective in nature. While, Recon Pentest is treated as dedicated and detailed process for cause.
This course provides some brief insights on this process. It helps tester to decide scope of its testing process and workflow of same.
Why to take this course?
Click Here for complete course Curriculum
What you will learn?
How it can help you?
"Build or Master a Skill-set"
“Learn unique Concepts”
“Learn here, Apply anywhere”
Enroll now and get...
1. Lifetime Access to Course and all updates
2. E-book as a Gift, delivered exclusively for your Amazon Kindle
Information Reconnaissance and Google Hackin g (Launch in Jan’2016)
3. Course Completion Certificate from Hack2Secure
4. Announcements, Pre-Sale and Discount Coupons for our upcoming courses
5. Dedicated Email-support to resolve your queries, by our expert team
Exclusive Festival Discount Offer
Use Coupon RECON25 to enroll at exclusive Launch discount price.
Launch Offer : 25% OFF
Coupon Code : RECON25
Offer End Date: 02/28/2016
For any question/query/concern about this course, feel free to email us at firstname.lastname@example.org
Click here for some of the FAQs