1
00:00:00,270 --> 00:00:01,110
Hi, everyone.

2
00:00:01,140 --> 00:00:02,610
Welcome to this new section.

3
00:00:02,610 --> 00:00:07,800
In this section, we are going to learn how to gather information about the target using some tools

4
00:00:07,800 --> 00:00:08,630
and websites.

5
00:00:08,970 --> 00:00:11,810
So reconnaissance is the name of this whole process.

6
00:00:12,120 --> 00:00:17,070
So over the years, malicious attackers have found various ways to penetrate into a system.

7
00:00:17,640 --> 00:00:22,110
They gather information about the target, identify vulnerabilities and then unleash an attack.

8
00:00:22,500 --> 00:00:28,740
So once inside the target, they try to hide their tracks and remain hidden for a long time. The hacker

9
00:00:28,740 --> 00:00:34,890
may not necessarily follow the same sequence, but as a penetration tester, following the suggested

10
00:00:34,890 --> 00:00:38,460
approach will help you to conduct the assessment in a structured way.

11
00:00:38,640 --> 00:00:45,060
And the data collected at each stage helps in preparing a report that is valuable to your client.

12
00:00:45,570 --> 00:00:53,100
An attacker's aim is just to ultimately own the system, so they might not follow any sequential methodology.

13
00:00:53,460 --> 00:00:58,380
As a pentester, your aim is to identify as many as you can.

14
00:00:58,380 --> 00:01:00,900
And following a methodology is really useful.

15
00:01:01,410 --> 00:01:05,560
So however, you also need to be creative and think out of the box.

16
00:01:06,030 --> 00:01:09,000
So what we can see that there are some different up.

17
00:01:09,300 --> 00:01:12,570
There are some different stages of penetration testing.

18
00:01:12,990 --> 00:01:18,390
Like first one is reconnaissance, then scanning, then exploitation, then maintaining access and

19
00:01:18,660 --> 00:01:19,790
covering the tracks.
20
00:01:20,190 --> 00:01:26,940
So reconnaissance and scanning are the initial stage of penetration testing and the success of penetration

21
00:01:26,940 --> 00:01:31,980
test depends on the quality of information gathering during this phase.

22
00:01:32,400 --> 00:01:39,090
So in this section, we will simply learn to work as a penetration tester and extract information using

23
00:01:39,090 --> 00:01:43,780
both, we can say, website-based and tool-based reconnaissance.

24
00:01:44,310 --> 00:01:48,360
So first of all, before going into it, let's understand what is reconnaissance?

25
00:01:49,030 --> 00:01:56,010
Reconnaissance is a tool and a technique used by different forces to obtain information about the enemy

26
00:01:56,250 --> 00:01:59,040
in a way that does not alert the other side.

27
00:01:59,700 --> 00:02:05,380
And the same method is applied by the malicious user to obtain information related to the target.

28
00:02:06,090 --> 00:02:12,540
So information gathering is the main aim of reconnaissance and information gathered at the initial stage

29
00:02:12,540 --> 00:02:15,230
is to be considered as very important.

30
00:02:16,320 --> 00:02:23,640
The attacker working with malicious intent simply builds on the information learned during the reconnaissance

31
00:02:23,640 --> 00:02:27,120
stage and gradually moves ahead with the exploitation.

32
00:02:27,630 --> 00:02:35,340
And a small bit of information that looks very ugly may help you in highlighting a severe flaw in the

33
00:02:35,340 --> 00:02:36,930
later stage of the test.

34
00:02:37,820 --> 00:02:44,330
A good penetration tester is the one who knows how to identify low scoring vulnerabilities that have a potential

35
00:02:44,330 --> 00:02:50,690
of causing a huge damage under some conditions, so an attacker would be eyeing a single vulnerability to

36
00:02:50,690 --> 00:02:51,290
exploit.

37
00:02:51,470 --> 00:02:52,340
And your target
38
00:02:52,370 --> 00:03:00,710
is to make the system hack-proof by identifying even the smallest vulnerability that an attacker can exploit

39
00:03:00,920 --> 00:03:01,910
to gain access.

40
00:03:02,390 --> 00:03:09,650
So what is the aim of reconnaissance? The aims of reconnaissance are like identifying the IP address, subdomains

41
00:03:09,650 --> 00:03:14,030
and related information using WHOIS records, search engines and DNS servers.

42
00:03:14,450 --> 00:03:20,180
And the second thing is simply accumulating the information about the target website from publicly

43
00:03:20,180 --> 00:03:22,700
available resources such as Google, Bing, Yahoo!

44
00:03:22,700 --> 00:03:29,420
And on and identifying people related to the target with the help of social networking sites like Google,

45
00:03:29,430 --> 00:03:32,750
Flickr, Instagram, Twitter and tools such as Maltego.

46
00:03:32,750 --> 00:03:39,980
With the help of that and determining the physical location of the target using GeoIP database, satellite

47
00:03:39,980 --> 00:03:42,130
images from Google Maps and Bing Maps.

48
00:03:42,680 --> 00:03:44,390
So these all are the terms.

49
00:03:44,630 --> 00:03:50,530
These all are the things that we will be going to gather information about in this particular section.

50
00:03:50,810 --> 00:03:54,530
So without wasting time, let's begin with our information gathering section.