Information Gathering
- Information gathering is an essential part of any security assessment.
- This is the phase in which we gather all available information about the company, its employees and infrastructure, and how they are organized.
- Information gathering is the most frequent and vital phase of the penetration testing process, and one we will return to again and again.
Information Gathering Categories:
- Open-Source Intelligence
- Infrastructure Enumeration
- Service Enumeration
- Host Enumeration
All four categories must be performed in every penetration test. Any exchange of information always has a specific purpose. For computer networks, the aim is always to trigger a particular process, be it storing data in a database, registering, generating specific values, or forwarding the information.
Open-Source Intelligence (OSINT)
- OSINT is a process for finding publicly available information on a target company or individuals that allows the identification of events (i.e., public and private meetings), external and internal dependencies, and connections.
Infrastructure Enumeration
- We use services such as DNS to create a map of the client's servers and hosts and develop an understanding of how their infrastructure is structured.
- We make an accurate list of hosts and their IP addresses and compare them to our scope to see if they are included and listed.
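One way to do the scope comparison described above, as an added example that is not part of the original notes. The scope lists, host names and addresses are constructed sample data, and the verdict labels and the rule that a listed name on an unlisted address goes to "review" are assumptions of this sketch.

```python
import ipaddress

# Constructed sample scope and findings (documentation ranges, example.com names).
SCOPE_NETWORKS = ["192.0.2.0/24", "198.51.100.16/28"]
SCOPE_HOSTNAMES = ["www.example.com", "*.dev.example.com"]
EXCLUDED = ["192.0.2.200"]  # explicitly carved out of the engagement
DISCOVERED = [
    ("www.example.com", "192.0.2.10"),
    ("mail.example.com", "203.0.113.25"),
    ("api.dev.example.com", "198.51.100.20"),
    ("shop.dev.example.com", "203.0.113.80"),
    ("vpn.example.com", "192.0.2.200"),
    ("cdn.example.com", "not-an-ip"),
]

def hostname_in_scope(name, patterns):
    """Exact match, or suffix match for '*.' wildcard entries."""
    name = name.lower().rstrip(".")
    for pattern in patterns:
        pattern = pattern.lower()
        if pattern.startswith("*."):
            if name.endswith(pattern[1:]):
                return True
        elif name == pattern:
            return True
    return False

def classify(host, ip, networks=SCOPE_NETWORKS, hostnames=SCOPE_HOSTNAMES, excluded=EXCLUDED):
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return "invalid"          # unresolved or malformed entry: fix the list first
    if any(addr in ipaddress.ip_network(e, strict=False) for e in excluded):
        return "excluded"         # exclusions win over every inclusion
    if any(addr in ipaddress.ip_network(n, strict=False) for n in networks):
        return "in-scope"
    if hostname_in_scope(host, hostnames):
        return "review"           # name listed, address is not: confirm ownership with the client
    return "out-of-scope"

def check_scope(discovered=DISCOVERED):
    """Group every discovered (host, ip) pair under its scope verdict."""
    report = {}
    for host, ip in discovered:
        report.setdefault(classify(host, ip), []).append((host, ip))
    return report

if __name__ == "__main__":
    for verdict, entries in check_scope().items():
        print(verdict, entries)
```

Only the "in-scope" entries belong on the working host list; "review" and "out-of-scope" entries are questions for the client, not targets.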