In the previous parts of this series, I talked about various types of web engines useful in reconnaissance phase, and curiosities, which can be found with their help. During real tests, it can be different; sometimes, this phase can create critical errors. Often, however, it is possible to obtain only residual information about the target …
Tag: Reconnaissance
Nmap and 12 useful NSE scripts
Nmap is the most popular free security scanner developed by Gordon Lyon (f.f. Fyodor Vaskovich). The first version of Nmapa was published on October 1, 1997, in the online magazine, Phrack. For those interested in the beginnings of this scanner, here is a full article that shows the capabilities and source code of the first …
IT Infrastructure Reconnaissance – Part 2 (Shodan, Censys, ZoomEye)
In the first part of this series I discussed the use of search engines as a source of information in the initial phase of the reconnaissance. As I mentioned in that article, search engines such as Google, Yahoo and Bing can allow you to search for information critical to security tests. The information presented below …
IT infrastructure reconnaissance – part 1 (Google hacking)
The basis of web application or infrastructure security tests is a reconnaissance, i.e. the collection of all subdomains, IP addresses, and other publicly available information. It is a good practice to use several tools simultaneously during the reconnaissance, which of course, will greatly increase the effectiveness of this testing phase – information omitted by one …