Dive into an extensive video tutorial on red team reconnaissance techniques, part of the HackerSploit Red Team series. Explore both passive and active intelligence gathering methods, including DNS analysis, subdomain enumeration, port scanning, and vulnerability assessment. Learn to use various tools such as host, nslookup, traceroute, dnsrecon, wafw00f, dig, WHOIS, Netcraft, DNS Dumpster, whatweb, and browser add-ons for passive reconnaissance. Discover active techniques using tools like Fierce, knockpy, Sniper, Amass, and recon-ng. Gain insights into automating tests, visualizing results, and generating comprehensive reports. Master essential skills for effective red team operations and enhance your cybersecurity knowledge through this in-depth, hands-on guide.
Overview
Syllabus
Introduction
What is Reconnaissance?
Mitre Attack Recon Techniques Overview
Let’s Begin with Passive Reconnaissance
Using the host command
Using the nslookup command
Using the traceroute command
Using the dnsrecon command Passively
Using the wafw00f command
Using the dig command
Using the WHOIS Utility
Using Netcraft
Using DNS Dumpster
Using whatweb
Using Browser Addons
Gathering Employee Information
Using the Harvester
Subdomain Enumeration
Active Intelligence Gathering
Using dnsrecon Actively
Brute Forcing Subdomains with Fierce
Using knockpy
Using Port Scanning
Vulnerability Scanning
Directory Brute Forcing
Automating these Tests
Scanning with Sniper Active
Scanning with Sniper Passively
Using Amass - Basic Scan
Using Amass - Advanced Scan
Using the viz Subcommand
Viewing Reports
Performing Passive Recon with recon-ng
Conclusion
Taught by
Linode
