Blog
  • $(whoami)
  • 📔Notes
    • eJPT
      • Networking
      • Penetration Testing
      • Information Gathering
      • Scanning
      • Vulnerability Assesment
      • Web Attacks
      • System Attacks
      • Network Attacks
      • Pivoting
  • Bug bountry
    • Shodan For Bug hunters
  • 📚Writeups
    • Black pearl
    • Page
Powered by GitBook
On this page
  • OSINT - Open Source Intelegence
  • Whois
  • Subdomain Enumeration
  • Tools
  • The Importance of Information Gathering

Was this helpful?

  1. Notes
  2. eJPT

Information Gathering

Information gathering is one of the most important phases of an engagement. This step of the process helps you understand the target organization, widen the attack surface and mount efficient and targeted attacks.

OSINT - Open Source Intelegence

  • Social networks

  • Public sites

  • Visiting the company websites

Whois

The whois database can offer a lot of great information:

  • Owner name

  • Street addresses

  • Email address

  • Technical contacts

whois domain.test

Subdomain Enumeration

Through subdomain enumeration a pentester can possibly identify additional resources of a target.

Tools

The Importance of Information Gathering

A good pentester spends 90% of their time widening the attack surface and 10% launching the correct commands to exploit the target.

PreviousPenetration TestingNextScanning

Last updated 2 years ago

Was this helpful?

📔
dnsdumpster.com
sublist3r
crt.sh
amass