Introduction
Reconnaissance, commonly known as the recon stage in cyber security, is similar to learning details about a person before dealing with them. Recon is the initial step and is vital to the hacker's success. In this stage the hacker tries to gather as much information as possible so that it can be used in the exploitation stage. It can supply all of the information necessary for gaining access to networks that are not connected to the internet. In a nutshell, recon is an unlimited source of knowledge that may be exploited.
The recon stage consists of the following steps, which a cyber security specialist takes in order to have a fruitful recon:
- Gathering primary information
- Identifying the network’s coverage area
- Detecting active machines
- Locating accessible ports and access points
- Using the operating system's fingerprint to identify it
- Identifying services at ports
- Generating a network architecture
Keep reading to learn more about recon in cyber security.
Recon Phases in Cyber Security
As recon is a vital step, it has two main phases/types that the cyber security specialist uses to gather information about the target for a successful exploitation. The two phases are described below.
Passive Recon in Cyber Security
In this phase or type of recon, the cyber security specialist/ethical hacker gathers information about the target that is publicly available on the internet, without having to connect to or communicate with the target network. The information that has been fetched is then investigated, and the relevant and useful parts are saved for reference to assist the ethical hacker during the exploitation phase. Some of the tools used for passive recon are:
- Wireshark: Wireshark is a packet analyzer for networks. The data acquired by a network packet analyzer is presented in as much detail as feasible.
- Shodan: Shodan is a search engine for Internet-connected devices. Websites may be found using web search engines like Google and Bing; Shodan is much more than an ordinary web search engine.
- Whois: Whois is a popular Internet record listing that tells you who owns a domain and how to contact them. Domain name registration and ownership are governed by the Internet Corporation for Assigned Names and Numbers (ICANN).
Active Recon in Cyber Security
Passive recon in cyber security does not require communication with the target; in contrast, active recon requires the ethical hacker to interact directly with the target network. The main objective of this type of recon is to find possible entry points that can be used to access the target. Some of the tools used for active recon are listed below.
- Nmap: Nmap (Network Mapper) is a network discovery and security auditing tool that is free and open source. According to several systems and network managers, it is also beneficial for jobs like network inventory, managing service update schedules, and monitoring host or service uptime.
- Metasploit: Metasploit helps security teams do more than merely check vulnerabilities, manage security assessments, and raise security awareness; it empowers and arms defenders to always stay one step (or two) ahead of the game.
- Nessus: Nessus is a remote security scanning application that examines a computer and alerts you if it finds any vulnerabilities that malicious hackers may exploit to obtain access to any computer on your network. It accomplishes this by running over 1200 tests on a specific machine, determining whether any of these attacks may be used to break into or harm the computer.
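Because active recon interacts with the target network directly, it leaves traces in connection logs that a defender can look for. The following Python code is an added example, not part of the original article: it flags a source that probes many ports on one host or many hosts on one port within a short window. The log format, thresholds and addresses are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(seconds=60)
PORT_THRESHOLD = 5  # distinct ports probed on one host -> likely port scan
HOST_THRESHOLD = 4  # distinct hosts probed on one port -> likely host sweep

# Constructed sample, assumed format: time src dst dst_port action (RFC 5737 addresses)
SAMPLE_LOG = """\
2024-01-01T10:00:00 198.51.100.20 192.0.2.10 443 ALLOW
2024-01-01T10:00:01 198.51.100.7 192.0.2.10 21 DENY
2024-01-01T10:00:02 198.51.100.7 192.0.2.10 22 ALLOW
2024-01-01T10:00:03 198.51.100.7 192.0.2.10 23 DENY
2024-01-01T10:00:04 198.51.100.7 192.0.2.10 25 DENY
2024-01-01T10:00:05 198.51.100.7 192.0.2.10 80 ALLOW
2024-01-01T10:00:10 203.0.113.5 192.0.2.11 445 DENY
2024-01-01T10:00:11 203.0.113.5 192.0.2.12 445 DENY
2024-01-01T10:00:12 203.0.113.5 192.0.2.13 445 DENY
2024-01-01T10:00:13 203.0.113.5 192.0.2.14 445 DENY
truncated line 198.51.100.7
""".splitlines()

def parse(line):  # returns (time, src, dst, port), or None if malformed
    try:
        ts, src, dst, port, _action = line.split()
        return datetime.fromisoformat(ts), src, dst, int(port)
    except ValueError:
        return None

def detect_recon(lines):
    """Return sorted (src, kind, target) findings over a sliding time window."""
    recent = defaultdict(deque)  # (kind, src, fixed value) -> (time, varying value)
    findings = set()
    for ts, src, dst, port in sorted(e for e in map(parse, lines) if e):
        for kind, fixed, varying, limit in (
            ("port_scan", dst, port, PORT_THRESHOLD),
            ("host_sweep", str(port), dst, HOST_THRESHOLD),
        ):
            q = recent[(kind, src, fixed)]
            q.append((ts, varying))
            while ts - q[0][0] > WINDOW:  # expire events outside the window
                q.popleft()
            if len({v for _, v in q}) >= limit:
                findings.add((src, kind, fixed))
    return sorted(findings)

if __name__ == "__main__":
    for finding in detect_recon(SAMPLE_LOG):
        print(finding)
```

The window and thresholds need tuning against normal traffic in the monitored network before the findings are used for alerting.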
And don’t forget to comment if you have any queries or suggestions, or reach out to us directly by sending us a message. Happy Hacking!!!