Researching a target with passive reconnaissance tools

Conclusion

There are many ways of performing recon online without ever going near a potential target. Attackers will take advantage of tools like the ones described in this article. If you're serious about thinking like an attacker, you can use these tools to do your own reconnaissance and determine how much of your data is exposed online. I encourage you to spend lots of time on the OSINT Framework site to gain a better understanding of the passive reconnaissance tools currently in use.

Infos

  1. "Indexing HTTPS Pages by Default": https://developers.google.com/search/blog/2015/12/indexing-https-pages-by-default
  2. crt.sh: https://crt.sh
  3. Sectigo: https://sectigo.com
  4. DNSDumpster: https://dnsdumpster.com
  5. OSINT Framework: https://osintframework.com
  6. DNS History: http://dnshistory.org
  7. 8086 Consultancy: http://www.8086.net
  8. Dehashed: https://www.dehashed.com
  9. Have I Been Pwned?: https://haveibeenpwned.com
  10. Notification at Have I Been Pwned?: https://haveibeenpwned.com/NotifyMe
  11. "The 15 Biggest Data Breaches of the 21st Century": https://www.csoonline.com/article/2130877/the-biggest-data-breaches-of-the-21st-century.html
  12. Dehashed Data Wells: https://dehashed.com/data

The Author

Chris Binnie is a Cloud Native Security consultant and coauthor of the book Cloud Native Security: https://www.amazon.com/Cloud-Native-Security-Chris-Binnie/dp/1119782236.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Credential Stuffing

    A credential stuffing cyberattack uses username and password credentials stolen in a data breach to gain access to your accounts. We explain how it works and how to prevent yourself from becoming a victim.

  • Mozilla Data Breach

    A partial database of Mozilla's addons.mozilla.org user accounts were inadvertently left on a publicly accessible server.

  • KnujOn

    Although spam filtering and blocking is helpful for the end user, it doesn't stop the production of spam. KnujOn strikes spam at the source.

  • DNS Subdomain Hijacking

    Attackers can use poorly maintained DNS records to gain access to your IP address. The open source DNS Reaper lets you monitor your records to ward off attacks.

  • RDAP

    RDAP provides structured information about domains. Besides practical command-line query tools, there are also libraries for integrating the protocol into your own programs.

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More

News