Reconnaissance is the first step into gaining access to the target for example if this is an individual target the more information we can gather about the user the better our delivery in Phishing can be, if this is corporate say then the more information we can gather in our recon we might not need the Phishing Method for Initial Access maybe there is a public exploit that help us gain access but we can also take the approach of gaining employee information and work as if it was an individual user.

There are 2 methods for gathering information Passive and Active.


This is a good approach for gathering information as we will NOT touch the target in any way such as Scanning Ports making an unusual request to the user/business to gather information.


This method is NOISY this method in approaching the target is a great method for gathering even more personal, specific, or more information about a target that is usually not found in the passive method but it's a great way to get caught.

Last updated