WEBVTT

00:01.930 --> 00:08.800
Gathering all possible information on a target is always the most important aspect of a penetration

00:08.800 --> 00:12.520
tester's thinking to achieve the best outcomes.

00:22.660 --> 00:30.160
In cybersecurity, gathering information through publicly available sources is often referred to as

00:30.430 --> 00:34.390
open source intelligence or OSINT.

00:34.390 --> 00:40.630
So passive reconnaissance toward OSINT occurs during the first step of the kill chain.

00:40.630 --> 00:48.250
When conducting a penetration test or attack against a given organization, an attacker will typically

00:48.250 --> 00:56.590
dedicate up to 75% of the overall work effort for a penetration test to reconnaissance, as it is the

00:56.590 --> 01:04.540
phase that allows the target to be defined, mapped and explored for the vulnerabilities that will eventually

01:04.540 --> 01:06.730
lead to exploitation.

01:07.890 --> 01:15.420
There are two types of reconnaissance: passive reconnaissance, which means direct and indirect.

01:15.420 --> 01:18.880
And we also have active reconnaissance.

01:18.900 --> 01:25.020
Passive reconnaissance is the art of collecting and analyzing openly available information, usually

01:25.020 --> 01:28.290
from the target itself or public sources online.

01:28.440 --> 01:35.700
On accessing this information, the tester or attacker does not interact with the target in an unusual

01:35.700 --> 01:36.430
manner.

01:36.450 --> 01:43.060
Requests and activities will not be logged and so will not be traced directly to the tester.

01:43.080 --> 01:50.190
Therefore, passive reconnaissance is conducted first to minimize the direct contact that may signal an

01:50.190 --> 01:53.700
impending attack or to identify the attacker.

01:54.830 --> 02:01.550
In this section, you will learn the principles and practices of passive reconnaissance and open source

02:01.550 --> 02:07.970
intelligence, which include basic principles of reconnaissance, open source intelligence, online

02:07.970 --> 02:10.850
resources, and dark web search.

02:10.940 --> 02:13.610
We will also obtain user information.

02:13.610 --> 02:21.230
We will also profile users for password lists, and we will also use social media to extract password

02:21.230 --> 02:22.040
word list.

02:23.120 --> 02:29.210
Active reconnaissance, which involves direct interaction with a target, will be covered in the next lecture

02:29.210 --> 02:30.910
of our course.

02:30.920 --> 02:34.910
My name is Typhoon, and I'll be waiting for you in the next lectures.
