1
00:00:01,930 --> 00:00:08,800
Gathering all possible information on a target is always the most important aspect of a penetration

2
00:00:08,800 --> 00:00:12,520
testers thinking to achieve the best outcomes.

3
00:00:22,660 --> 00:00:30,160
In cybersecurity, Gathering information through publicly available sources is often referred to as

4
00:00:30,430 --> 00:00:34,390
open source intelligence or sins.

5
00:00:34,390 --> 00:00:40,630
So passive reconnaissance toward Osint occurs during the first step of the kill chain.

6
00:00:40,630 --> 00:00:48,250
When conducting a penetration test or attack against a given organization, an attacker will typically

7
00:00:48,250 --> 00:00:56,590
dedicate up to 75% of the overall work effort for a penetration test to reconnaissance, as it is the

8
00:00:56,590 --> 00:01:04,540
face that allows the target to be defined, mapped and explored for the vulnerabilities that will eventually

9
00:01:04,540 --> 00:01:06,730
lead to exploitation.

10
00:01:07,890 --> 00:01:15,420
There are two types of reconnaissance, passive reconnaissance, which means direct and indirect.

11
00:01:15,420 --> 00:01:18,880
And we also have active reconnaissance.

12
00:01:18,900 --> 00:01:25,020
Passive reconnaissance is the art of collecting and analyzing openly available information, usually

13
00:01:25,020 --> 00:01:28,290
from the target itself or public sources online.

14
00:01:28,440 --> 00:01:35,700
On accessing this information, the tester or attacker does not interact with the target in an unusual

15
00:01:35,700 --> 00:01:36,430
manner.

16
00:01:36,450 --> 00:01:43,060
Request and activities will be not logged and so will not be traced directly to the tester.

17
00:01:43,080 --> 00:01:50,190
Therefore, passive reconnaissance is conducted first to minimize the red contact that may signal an

18
00:01:50,190 --> 00:01:53,700
impending attack or to identify the attacker.

19
00:01:54,830 --> 00:02:01,550
In the section, you will learn the principles and practices of passive reconnaissance and open source

20
00:02:01,550 --> 00:02:07,970
intelligence, which include basic principles of reconnaissance, open source intelligence, online

21
00:02:07,970 --> 00:02:10,850
resources, and dark web search.

22
00:02:10,940 --> 00:02:13,610
We will also obtain a user information.

23
00:02:13,610 --> 00:02:21,230
We will also profile users for password lists, and we will also use the social media to extract password

24
00:02:21,230 --> 00:02:22,040
word list.

25
00:02:23,120 --> 00:02:29,210
Active reconnaissance, which involves direct interaction with a target, will be covered in next lecture

26
00:02:29,210 --> 00:02:30,910
of our course.

27
00:02:30,920 --> 00:02:34,910
My name is Typhoon and in next lectures I'm waiting you.