Hacking Tutorials Information Gathering

Information Gathering : Knowing Your Target

The process of gathering information about your target is called information gathering. Information gathering is also called reconnaissance or just recon.
But the question is why we need to gather information? And most importantly, what kind of information?
Okay for example you have to hack into systems of an organization somehow. So what will you do? You are totally blank. You just know there is an organization with this name, that’s all. You will need to know about your target right? Like about their website(s), servers etc.
If you have enough information you will have many different breakpoints, you maybe able to target their employees, their website, their servers or even do social engineering physically.
You can even write this down, you will be spending 80% of your time in reconning and writing exploits and just 20% in really hacking the target.
A hacker has to be precise like a sniper, stealthy like a ninja. He never tries something on the target blindly thinking that it might work because that can raise alarm without any benefit.

Information Gathering can be categorized into two parts:
1. Passive Information Gathering: Gathering information without touching the target. In this phase we mainly try to gather publicly available information like information about the domain, hosting providers, publicly available phone numbers and emails, confidential record left available etc.

2. Active Information Gathering: It includes running port scans, footprinting OS and programs running on the server, fuzzing, analyzing website for potential vulnerabilities etc.
You will start with passive recon to get your self to get some idea about what you are actually targeting and then you can do active recon the potential targets you got from passive recon.
After reconnaissance, you can do vulnerability assessment and then write or find exploits for the vulnerability you can use that exploit to gain access.
So basically we can say there are 4 phases in the whole process of gaining access to a target:

information gathering

Tools For Information Gathering

There are a lot of tools available like nmap, sparta, maltego, recon-ng etc. But use online services instead of doing something from your machine whenever possible because using them will help you to minimize your footprints.
By online services I mean there are many websites that can help you to scan ports, to detect cloudflare, to gather domain information etc.
There are many such websites and I will tell you about them too and with experimenting you will know which ones are good and which ones are not.
So it was just an introductory article because we are going to start a whole series on Information Gathering.
I hope you guys liked it.

Also Read: What is HTTP Header: request/response header?

About the author

D3V

A n00b hacker and a proud member of Team Ultimate. I am infamous but known as D3V in my circle.

7 Comments

Click here to post a comment




Browse Categories:




Subscribe Now

Get the latest post directly into your inbox.

Thank you for subscribing.

Something went wrong.