In this write-up, I'll go through the best tools used by penetration testers for information gathering.
Identifying Our Target:
Please double-check, when you read this, whether Tesla still exists; if for any reason Tesla is gone, you must pick another client. Any behaviour outside this scope is at your own risk.
There are so many tools for reconnaissance, but here we try to take a realistic approach and a realistic methodology when you come to…
There are many types of passive recon; we will go through physical and social recon. Physical means actually going on-site and doing a physical engagement; the social engineering aspect may mean doing a phishing assessment, or it may be included in a physical engagement. Just gathering this information from the physical side is incredibly useful. For location information we might use satellite images, or often we will go on-site and do drone recon, where we fly a drone around and try to gain information from that. We can find out things like:
what is the building…
In these five stages, we actually start with
This stage is also known as information gathering. There are two different types of recon: active and passive.
- Passive recon: when you go to Google and search for something. Say you are given a client and you are looking at their LinkedIn accounts, pictures, employee names, etc. This is all passive; you are not actually going to the company website and doing anything active against it.
- Active recon: a more direct approach, where you actually interact directly with the company website and dig into it. It is kind of…
The OSI Model
If you read what I wrote before, you will see that I spoke a lot about layer three or layer two, but what are these layers? They all correspond to what is called the OSI model. Now, if you are ever in a networking interview, or you talk with somebody who has experience in networking, you will hear a lot about these layers; people who have been in the field for some time may just say layer two instead of switching, or layer three instead of routing. So we will discuss the OSI model very quickly and give you how to…
TCP vs UDP
When we talk about TCP and UDP, we are actually talking about layer three of the OSI model, which is the Transport layer.
What is TCP: Transmission Control Protocol is one of the main protocols of the Internet protocol suite. It is a connection-oriented protocol.
What is UDP: User Datagram Protocol is one of the core members of the Internet protocol suite. It is a connectionless protocol.
Now, when it comes to high reliability, TCP is best suited, since it is a connection-oriented protocol. We can look at something like websites (HTTP, HTTPS), SSH, or FTP; these all utilize TCP.
Media Access Control Addresses
Coming to layer two of the OSI model, we have the MAC address, which is in the physical layer; now remember that the IP address is in layer three (the network layer).
MAC stands for Media Access Control, and it is shown as ether in ifconfig, as we can see in the photo below. We can think of it as the physical address and as the way we communicate when using switches.
Switches communicate over this physical address; this is how they know which device is which. Assume that you build your computer and you install your network interface…
To bring up your IP address, type ifconfig in your terminal (on Windows, ipconfig).
inet -> for IPv4
inet6 -> for IPv6
This is how devices communicate: we communicate over layer 3 (Network Layer [Routing]).
IPv4 is written in decimal notation: 8bit.8bit.8bit.8bit = 32byte
11111111 = 8 bits
or you can write it as
128 — 64 — 32 — 16 — 8 — 4 — 2 — 1
1 — 1 — 1 — 1 — 1 — 1 — 1 — 1 = 255
0 0 0 0 0 1 1 1 = 7