Penetration Testing OSINT Gathering with Recon-ng

Recon-ng is an open source framework built to scan the internet's vast data stores to help you discover potential security problems. This course will prepare you for the exploit testing stages of your penetration testing process.
Course info
Rating
(11)
Level
Intermediate
Updated
May 11, 2017
Duration
50m
Table of contents
Description
Course info
Rating
(11)
Level
Intermediate
Updated
May 11, 2017
Duration
50m
Description

At the core of the penetration testing process is a thorough knowledge of open source intelligence (OSINT) gathering. In this course, Penetration Testing OSINT Gathering with Recon-ng, you'll learn how to use the free Recon-ng framework to find possible infrastructure vulnerabilities. First, you'll explore how the more than ninety scan modules included in Recon-ng are organized and prepared for use. Next, you'll dive into specifics of how to plan and run scans. Finally, you'll cover how to interpret and report the data that you get back. When you're finished with this course, you'll be able to leverage Recon-ng's many powerful tools to shine a bright light on the true state of your company's security.

About the author
About the author

David taught high school for twenty years, worked as a Linux system administrator for five years, and has been writing since he could hold a crayon between his fingers. His childhood bedroom wall has since been repainted.

More from the author
Linux System Optimization
Intermediate
1h 3m
Dec 27, 2019
Using Docker on AWS with the Command Line
Beginner
1h 25m
Jun 12, 2019
More courses by David Clinton
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Do you want to learn how to penetration test network and public-facing infrastructure like a pro? Well before you can actually launch a white hat pen test attack to uncover your target's vulnerabilities, you'll first need to prepare by gathering as much OSINT, open-source intelligence, as you can possibly get. By using freely available search and scanning tools, it's possible to unearth amazing levels of detail on a company's technology stacks, networks, IT protocols, managers, employees, and website. But manually looking for all those details can take forever, and the odds are that you'll end up missing important stuff. The open-source intelligence gathering framework, Recon-ng, can quite literally do it all for you. You provide some basic seed data, point the tool to the domain you're after, and pretty much instantly, it'll return more data than you'll know what to do with. And then it'll organize the data into one of a number of consumable formats. Why waste time doing this by hand when Recon-ng is ready to serve? In this course, we'll learn how to identify which of the many dozens of Recon-ng scan modules you need, how to properly prepare them for effective deployment, then how to interpret and report on everything that you find.