Information Gathering

Information gathering is the first step of any penetration test and is arguably the most important as all other phases rely on the information obtained about the target during the information gathering phase. This course will introduce you to information gathering and will cover the process of performing both passive and active information gathering by leveraging various tools and techniques to obtain as much information as possible from a target.

Introduction To Information Gathering

What is Information Gathering?

Information gathering is the first step of any penetration test and involves gathering or collecting information about an individual, company, website or system that you are targeting.
The more information you have on your target, the more successful you will be during the latter stages of a penetration test.
Information gathering is typically broken down into two types:
- Passive Information Gathering - Involves gathering as much information as possible without actively engaging with the target.
- Active Information Gathering - Involves gathering as much information as possible by actively engaging with the target system. (You will require authorization in order to perform active information gathering)

What Information Are We Looking For?

Passive Information Gathering:

Identifying IP addresses & DNS information.
Identifying domain names and domain ownership information.
Identifying email addresses and social media profiles.
Identifying web technologies being used on target sites.
Identifying subdomains.

Active Information Gathering:

Discovering open ports on target systems.
Learning about the internal infrastructure of a target network/organization.
Enumerating information from target systems.

Hacker's Mantra:There are only two types of companies in the world: those that have been breached and know it and those that have been breached and don’t know it. - Ted Schlein

PreviousAssessment Methodologies NextPassive Information Gathering

Last updated 10 months ago

Was this helpful?

Introduction To Information Gathering

What is Information Gathering?

Information gathering is the first step of any penetration test and involves gathering or collecting information about an individual, company, website or system that you are targeting.

The more information you have on your target, the more successful you will be during the latter stages of a penetration test.

Information gathering is typically broken down into two types:

Passive Information Gathering - Involves gathering as much information as possible without actively engaging with the target.
Active Information Gathering - Involves gathering as much information as possible by actively engaging with the target system. (You will require authorization in order to perform active information gathering)

What Information Are We Looking For?

Passive Information Gathering:

Identifying IP addresses & DNS information.

Identifying domain names and domain ownership information.

Identifying email addresses and social media profiles.

Identifying web technologies being used on target sites.

Identifying subdomains.

Active Information Gathering:

Discovering open ports on target systems.

Learning about the internal infrastructure of a target network/organization.

Enumerating information from target systems.

Hacker's Mantra:

There are only two types of companies in the world: those that have been breached and know it and those that have been breached and don’t know it. - Ted Schlein