Week 4: Passive OSINT
Hacking in Five Steps - This lesson will introduce the five key components of hacking: reconnaissance, enumeration, exploitation, maintaining access, and covering tracks. These five key concepts will be built upon as we progress, with at least one part dedicated to each component. The Art of Reconnaissance - This lesson will discuss reconnaissance in depth and cover common tools used in the process. Some of the tools that will be covered are the OSINT Framework, SET, theHarvester, Bluto, Google Dorks, and Shodan. More tools will likely be added as the lesson is written.
Five Stages of Hacking
01
02
03
04
05
Reconnaissance
Scanning and Enumeration
Gaining Access
Maintaining Access
Covering Tracks
Passive Recon - Physical / Social
Location Information
ā¢ Satellite images ā¢ drone recon ā¢ building layout (badge readers, break areas, security, fencing)
Job Information
ā¢ Employees (name, job title, phone number, manager, etc.) ā¢ Pictures (badge photos, desk photos, computer photos, etc.)
Passive Recon - Web / Host
Target Validation
ā¢ WHOIS, nslookup, dnsrecon
Finding Subdomains
ā¢ Google-fu, dig, Nmap, Sublist3r, Bluto, crt.sh, etc.
Fingerprinting
ā¢ Nmap, Wappalyzer, WhatWeb, BuiltWith, Netcat
Data Breaches
ā¢ HaveIBeenPwned and similar lists
Last updated