
Reconnaissance Using Recon-ng And Netcraft



This post demonstrates the basic usage of reconnaissance tools such as Recon-ng and Netcraft. These are useful, must-have tools for a pen tester: as we know, it is very important to gather as much information about the target as possible. These tools help you collect useful information such as registered subdomains, IP addresses, port numbers and geographic location.

Gathering Subdomain Information

Using the recon-ng application is quite easy, as it provides various modules. In addition, we can use Netcraft to collect further information, as follows:

Disclaimer: The sites used here are solely for educational purposes, as they are freely available sites for validating pen testing capabilities, and there is no intention to cause harm.


1. Opening the application
Execute the following command to invoke the recon-ng application.




2. Using Netcraft with Recon-ng
Netcraft can be used to collect subdomain information as below.




3. Getting IP address information for the collected subdomains
Use the hosts resolve module to collect IP information for the subdomains of concern.




4. Collecting geographic location details
Use the freegeoip module to gather geographic location details for the collected IP addresses.




5. Exporting details in reports
Use the Reporting module to export all the collected information in the various available formats.
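Steps 2 to 5 above form one pipeline: a subdomain list from Netcraft is resolved to IP addresses, each address is tagged with a location, and the result is exported as a report. The script below is an added example (not recon-ng's own code and not part of the original post) that models that pipeline in Python so the data flow can be studied offline, for instance when inventorying the external footprint of a domain you administer. It assumes constructed sample input under the reserved example.com domain, and replaces the live DNS and freegeoip lookups with fixed tables (RESOLVE_TABLE and GEO_TABLE, both hypothetical) so that it runs without network access.

```python
"""Offline model of the recon-ng flow from the post: subdomains -> IPs -> geo -> CSV report."""
import csv
import io
import ipaddress
from collections import defaultdict

# Constructed sample: hostnames as a Netcraft-style subdomain search might list them.
# Mixed case, a trailing dot and an out-of-scope name are included on purpose.
NETCRAFT_SAMPLE = """
www.example.com
mail.example.com
WWW.example.com
dev.example.com.
vpn.example.com
www.example.org
"""

# Constructed stand-in for DNS resolution (the hosts resolve step); real runs query DNS.
RESOLVE_TABLE = {
    "www.example.com": "192.0.2.10",
    "mail.example.com": "192.0.2.25",
    "dev.example.com": "192.0.2.10",
    # vpn.example.com has no entry on purpose -> shows up as an unresolved host
}

# Constructed stand-in for the freegeoip lookup, keyed by IP (documentation range 192.0.2.0/24).
GEO_TABLE = {
    "192.0.2.10": ("Example City", "XX"),
    "192.0.2.25": ("Example City", "XX"),
}


def parse_subdomains(text: str, domain: str) -> list[str]:
    """Normalise and deduplicate hostnames, keeping only names inside `domain` (the agreed scope)."""
    seen, out = set(), []
    for raw in text.splitlines():
        name = raw.strip().lower().rstrip(".")
        if not name or name in seen:
            continue
        if name != domain and not name.endswith("." + domain):
            continue  # out of scope: do not record hosts outside the target domain
        seen.add(name)
        out.append(name)
    return out


def resolve_hosts(hosts, table=RESOLVE_TABLE):
    """Map host -> IP string, or None when the name does not resolve; validates IP syntax."""
    resolved = {}
    for host in hosts:
        ip = table.get(host)
        if ip is not None:
            ipaddress.ip_address(ip)  # raises ValueError on malformed lookup data
        resolved[host] = ip
    return resolved


def geolocate(resolved, table=GEO_TABLE):
    """Attach (city, country) to each resolved host; unresolved hosts get None."""
    return {host: (table.get(ip) if ip else None) for host, ip in resolved.items()}


def ips_by_host(resolved):
    """Group hostnames per IP: several names on one address is a common recon finding."""
    groups = defaultdict(list)
    for host, ip in resolved.items():
        if ip:
            groups[ip].append(host)
    return dict(groups)


def build_report(hosts, resolved, geo) -> str:
    """Export one CSV row per host, in the spirit of recon-ng's reporting module."""
    buf = io.StringIO()
    writer = csv.writer(buf)
    writer.writerow(["host", "ip_address", "city", "country"])
    for host in hosts:
        city, country = geo.get(host) or ("", "")
        writer.writerow([host, resolved.get(host) or "", city, country])
    return buf.getvalue()


def run_pipeline(raw=NETCRAFT_SAMPLE, domain="example.com"):
    """Steps 2-5 of the post, end to end, on the constructed input."""
    hosts = parse_subdomains(raw, domain)
    resolved = resolve_hosts(hosts)
    geo = geolocate(resolved)
    return hosts, resolved, geo, build_report(hosts, resolved, geo)


if __name__ == "__main__":
    print(run_pipeline()[3])
```

The scope filter in parse_subdomains is the part worth keeping from this model: whichever tool produces the subdomain list, only names under the domain you are authorised to assess should reach the resolve and report stages, and unresolved names are kept in the report rather than dropped, since stale DNS entries are themselves a finding.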



There are still many more modules, which I am working on and will be publishing in my next blog post.















