From the course: CompTIA PenTest (PT0-002) Cert Prep

Unlock this course with a free trial

Join today to access over 23,200 courses taught by industry experts.

Passive reconnaissance

Passive reconnaissance

From the course: CompTIA PenTest (PT0-002) Cert Prep

Start my 1-month free trial Buy for my team

Passive reconnaissance

- The initial type of reconnaissance that one carries out in a penetration test or a real live attack is typically passive reconnaissance. Passive reconnaissance is, remember, that kind of reconnaissance where we don't actually send out any information. We just listen. We just consume information. And it's not just listening. We actually can go to other sites that are not our target and collect information. So, let's review and talk a little bit more about how we can collect this wealth of information about a potential victim. First, we want to be careful about where these applications are running and what type of environments are in use. Is the target a cloud-based environment or a self-hosted environment, or a combination of the two? You want to determine the deployment model to figure out where the different pieces of the puzzle actually reside. As you start collecting IP addresses, look up the location of those IP addresses and the owner, and you may find out that the owner may be…

Contents