Reconnaissance is the first phase of compromise and considered the most important. An attacker will use publicly-available information known as Open Source Intelligence (OSINT), often referred to as digital footprint, to identify possible target services on a network for exploitation. A security professional using the same search looks for potential security leaks.
- Select one company from “List of Fortune 500 Companies and Their Websites,” provided within the required readings, and perform a passive information recon.
- Using Google or another public search engine, collect OSINT that can be used to identify potential targets for exploitation (e.g., web, e-mail, FTP, DNS services, and employee names and e-mail addresses).
- Document findings under Phase Testing in the “PEN Testing Report Guidelines,” located within the course materials. Refer to the SANS Institute industry standard “Writing a Penetration Testing Report,” for examples of PEN Testing Reports.
- Ensure that you provide an overview of your selected company.
- http://www.zyxware.com/articles/4344/list-of-fortune-500-companies-and-their-websites
