
Active Information Gathering

Active information gathering is when you interact directly with a computer system to gather system-specific information about the target. Unlike passive information gathering, which relies on publicly available information, active information gathering relies on tools that send different types of requests to the computer. The goal is to gather information about that device or other devices that are connected to it on the same network.

  • Active recon can be used to find open/closed ports, the OS of a machine, and the services that are running, to grab banners, to discover new hosts, or to find vulnerable applications on a host.

  • Discover:

    • Open ports

    • Learn about internal infrastructure

    • Enumerating information


Last updated 2 years ago
