WEBVTT 00:11.280 --> 00:19.800 Reconnaissance and footprint think the various pieces of hacking include reconnaissance, scanning, 00:19.800 --> 00:25.050 gaining access, maintaining access and clearing tracks. 00:25.380 --> 00:30.600 The reconnaissance phase is the most important phase of a penetration test. 00:30.610 --> 00:38.520 So this is when the ethical hacker or penetration tester conducts extensive research into gathering 00:38.520 --> 00:41.730 as much information about the target as possible. 00:41.760 --> 00:48.930 Furthermore, foot printing will help create a profile of the target gathering profile information such 00:48.930 --> 00:53.620 as running services, open ports and operating systems. 00:53.640 --> 01:00.180 We will now look at both reconnaissance and food printing in more detail. 01:02.160 --> 01:10.270 From a military perspective, reconnaissance is the observation and research of an enemy target in cybersecurity. 01:10.290 --> 01:16.530 As a penetration tester, we use various tools and techniques to gather detailed information about the 01:16.530 --> 01:20.550 target organization and its underlying infrastructure. 01:20.910 --> 01:24.660 Reconnaissance is a vital in the field of penetration testing. 01:24.690 --> 01:32.310 As a penetration tester, we definitely need to know about our target as well as its vulnerabilities 01:32.310 --> 01:37.890 and operating systems before we attempt to gain access via exploitation. 01:37.950 --> 01:45.030 The information gathered during the reconnaissance phase will help us to choose the right tools and 01:45.030 --> 01:49.260 techniques to successfully exploit the target. 01:49.530 --> 01:58.560 Reconnaissance can be divided into two main categories passive and active. 01:58.680 --> 02:06.840 Passive means users and indirect approach, and does not engage the target. 02:08.340 --> 02:15.480 Active here means directly engages the target to gather specific details. 02:15.630 --> 02:22.740 Next, we will dive into understanding of food printing in ethical hacking. 02:25.180 --> 02:26.440 Footprint thing. 02:26.830 --> 02:34.210 Footprint thing is a procedure whereby as much information as possible is gathered in relation to a 02:34.210 --> 02:34.930 target. 02:35.960 --> 02:37.250 In food printing. 02:37.250 --> 02:46.010 The objective is to obtain specific details about a target such as its operating systems and the service 02:46.010 --> 02:49.100 versions of running applications. 02:50.160 --> 02:57.630 The information that's collected can be used in various ways to gain access to the target system's network 02:57.630 --> 03:00.840 or an organization footprint. 03:00.840 --> 03:08.940 Think allows a penetration tester to understand the security posture of the target infrastructure, 03:08.940 --> 03:15.060 quickly identify security vulnerabilities on the target systems and networks. 03:15.060 --> 03:23.100 And we will it will also help to create a network map of the organization and reduce the layer of focus 03:23.100 --> 03:31.530 to the specific IP addresses, domain names and the types of devices regarding which information is 03:31.530 --> 03:32.490 required. 03:34.270 --> 03:39.310 Food printing is a part of the reconnaissance pace. 03:39.430 --> 03:46.290 However, science foot printing is able to provide more specific details about the target. 03:46.300 --> 03:52.210 We can consider a foot printing to be a subset of a reconnaissance phase. 03:52.210 --> 03:54.520 So there is a diagram. 03:54.520 --> 04:02.110 This shows a visual overview of how reconnaissance and food printing sit together. 04:02.230 --> 04:08.650 So we will also maintain objectives of food printing, where you will learn collecting network information 04:08.650 --> 04:14.530 such as domain names, IP addressing schemes and network protocols. 04:14.530 --> 04:20.920 You will also learn the collecting system information, which is user and group names or routing tables, 04:20.920 --> 04:23.320 system names and types. 04:23.320 --> 04:30.700 You will also learn collecting organization information which is employed, detail company director 04:30.700 --> 04:32.860 and location details. 04:32.860 --> 04:38.080 So to success, fully obtain an information about the target. 04:38.170 --> 04:42.340 I would recommend using the some food printing methodologies. 04:42.340 --> 04:49.900 For example, checking a search engine such as Yahoo Being and Google performing Google hacking techniques, 04:49.900 --> 04:55.540 information gathering through social media platforms such as Facebook, LinkedIn, Instagram and Twitter. 04:56.170 --> 05:03.400 You can also use network food printing techniques, social engineering, perform the dense food printing 05:03.400 --> 05:05.910 use the WHO is command. 05:05.920 --> 05:12.920 You will also perform the email food printing techniques so you are not able to differentiate between 05:12.940 --> 05:15.340 reconnaissance and food printing. 05:15.340 --> 05:21.880 So both reconnaissance and food printing are required during a penetration testing as each provides 05:21.880 --> 05:24.100 a vital information about the target. 05:24.430 --> 05:31.180 In the next section, we will take a deep dive into a passive information gathering.