Reconnaissance Processes

Question 1

How do we carry out reconnaissance

Answer 1

Internet Research

Question 2

What areas can you research on internet for your mission

Answer 2

1. Company Websites
2. Social Media
3. Discussion Groups
4. Financial Reports
5. News Articles

Question 3

What is Social Engineering

Answer 3

Going undercover to get to know the employees or vendors of the company

Question 4

What are examples of Social Engineering?

Answer 4

Afterwork social gatherings

Question 5

What kind of information can you get from afterwork social gatherings?

Answer 5

1. Just in casual conversations with work colleagues you can find out
   a lot of information that could help you know when the vulnerable
   times are at the company
2. Someone may inadvertently give enough information about
   themselves and their lifestyles for you to work out their password

Question 6

What is Dumpster diving?

Answer 6

Going through the trash to maybe get:
1. Employee Names
2. Account numbers
3. Client Names
4. Vendor information

Question 7

So in general, What are we looking for in the stages of Reconnaissance?

Answer 7

In marketing themselves a business will share a lot of information about themselves. You can find:
1. Contact Names
2. Phone numbers
3. Email addresses
4. General information about their security systems
5. Technical Infrastructure

Question 8

What can you accomplish once you get addresses?

Answer 8

You can use location applications to:
1. Research surrounding neighbourhoods
2. Building layout
3. Work out any geographical or physical barriers

Question 9

What can you accomplish once you get employee names?

Answer 9

You can then search their social media connections for information such as:
1. Facebook
2. Linkdin
3. Tik Tok
4. Instagram …………… etc

Question 10

What is the distinction between an Ethical Hacker and a criminal hacker?

Answer 10

An Ethical Hacker must ALWAYS have permission from the client

Question 11

What does this ‘permission’ entail

Answer 11

Before starting any work, a written documentation must be obtained, that gives the Ethical Hacker permission from the customer

Question 12

What should be included in the written documentation for permission?

Answer 12

1. Scope
2. Guidelines
3. Any limitations

Question 13

Do you need to record all information, document information

Answer 13

Yes, documenting every aspect of your mission should be done as soon as possible so that it is still fresh in your mind!

Question 14

What is Google Hacking, and is it legal?

Answer 14

Google Hacking is a means of securing a lot of information that a company does not know is public. You will use some ‘operators’ to find deeper company information that can be useful.
Yes, Google Hacking is legal!

Question 15

What is ‘Foot-printing’

Answer 15

You can use email and web site foot-printing to:
1. Gather some information that was not meant to be
public, but has been accidentally put out there
2. Gather information that was old but has not been disposed of
properly

Question 16

What can web site and email foot-printing provide?

Answer 16

1. Information Flow
2. Operating systems
3. File names
4. Network connections

It is possible to create a network map without even entering the building depending on the level of the company’s security,

Question 17

What is Domain Name System (DNS) used for?

Answer 17

Using DNS is a convenient network addressing method

Question 18

What can an IP address provide you with?

Answer 18

Network access point such as an email or web server

Question 19

What are some internet researching tools?

Answer 19

1. Google Earth
2. Google Maps
3. Webcams
4. Echosec
5. Maltego
6. Wayback Machine

Question 20

What is Google Earth?

Answer 20

Google Earth is a satellite imagery tool that provides current and historical images of most locations. Images can date back over several decades.

Question 21

What is Google Maps?

Answer 21

Google Maps is a web mapping service that provides a street view of houses, businesses, roadways, and topologies.

Question 22

What are Webcams?

Answer 22

Webcams are online streaming digital cameras that can provide video of places, people, and activity in an area.

Question 23

What is Echosec?

Answer 23

Echosec is a tool that can be used to pull information from social media postings that were made using location services. You can select a location on a map and view all posts that have occurred at that location. These results can be filtered by user, date, or keyword.

Question 24

What is Maltego?

Answer 24

Maltego is an open-source forensics tool that can be used to pull information from social media postings and find relationships between companies, people, email addresses, and other information.

Question 25

What is Wayback Machine?

Answer 25

The Wayback Machine is a nonprofit catalog of old site snapshots. It may contain information that your target thought they had removed from the internet.