Summary

The first real step in the attack process or kill chain is to conduct reconnaissance to identify the target and potential attack routes. Passive reconnaissance assesses data that is publicly available. This is a stealthy assessment—the IP address or activities of the attacker are almost indistinguishable from normal access. Nevertheless, this information can be critical when conducting social engineering attacks, or facilitating other attack types.

In the next chapter, we will assess the types of reconnaissance that are more active. Although these techniques produce more information, there is an increased risk of detection. Therefore, the emphasis will be on advanced stealth techniques.