Felderítés és analízis a penetrációs tesztben – 1. Információgyűjtési technikák

This series of articles deals with the detection and analysis levels within the penetration tests section. One basic approach is that information gathering activities at the detection and analysis level of penetration tests in cybersecurity and information technology (at risk level) identify publicly available information related to organisations. Gathering information is the first step in the penetration test implementation process, which involves gathering information about the target network and target environment. Using information gathering techniques, there are many opportunities for unauthorised access to the target organisation’s network.This allows you to create a security profile of the target organisation’s network system, and partly the organisation itself. There is no standard way to collect information, as there are many ways to obtain it. However, as much information as possible must be collected, therefore, it is worthwhile to carry out this phase in an organised manner.