Reconnaissance Phase
In warfare, “reconnaissance” is the process of collecting information about enemy forces using different detection methods. In ethical hacking, reconnaissance is the first phase, in which the tester gathers and learns as much information as is available about the target using tools and techniques such as internet sources, social engineering, dumpster diving, email harvesting, and the Whois database. This chapter introduces in detail the different tools and techniques used during the active and passive reconnaissance phases. Reconnaissance consists of footprinting, scanning, and enumeration techniques used to covertly discover and collect information about a target system. During reconnaissance, an ethical hacker attempts to gather as much information about a target system as possible, using either active information-gathering methods (directly interacting with the target, as in social engineering, which carries a risk of getting caught) or passive ones (such as visiting the target website) in order to identify the target and discover its IP address range, network, domain name, mail server, DNS records, employee names, organization charts, and company details. The chapter also details possible countermeasures that can be implemented on a website to avoid revealing more information to attackers.