Information Gathering (Reconnaissance) Flashcards
Why is it important to validate your target?
Because people can send you the wrong IP by mistake!
When searching for company emails, to what should you pay attention? Why?
To the company’s email addresses pattern. Because discovering the pattern allows you to make more precise guesses regarding valid email addresses from that company.
True or false: A form of validating an email address is to looking for it in past data breaches.
True.
What can you find by using the “Forgot Password” functionality?
You can find associated accounts and can be used to validate addresses.
Name three tools to find email addresses.
Hunter.IO
Phonebook
Clear-Bit chrome extension
How do you search for a domain while removing specific subdomains from the results in google?
site:domain.com -subdomain
How do you specify a file type in a google search?
filetype:type
Which of the following tools can be used for target validation? (multiple choice)
- whois
- nslookup
- dnsrecon
1, 2 and 3
If the Rules of Engagement state that ‘*.tcm-sec.com’ is in scope, which of the following targets can we legally attack? (multiple choice)
1. www.tcm-sec.com
2. dev.tcm-sec.com
3. dev.tcm.com
4. www.tcm-sec.co.uk
5. tcmsecurity.com
6. dev.tcm-sec.co.uk
7. tcm-blogs.com
1 and 2 only.
What search phrase can be used to find subdomains of a website?
site:tcm-sec.com -www
This removes the most common subdomain “www” in order to display other search results.