Before starting an intrusive test for our client, it is necessary to perform some reconnaissance on the network to identify as much information as possible about the system. Some information can be collected without sending any probes to the target system; this is called passive recon.
Passive Recon
Active Recon
Port Scans
nmap -sS poplabsec.com --reason
Services Enumeration
nmap -sS -A poplabsec.com
DNS brute force
dnsx