Mastering Web and Infrastructure Reconnaissance



When you perform a penetration test, finding one target is easy. Detecting them all, plus identifying the supporting infrastructure and other services, is hard and needs a more structured approach. You also need the experience to analyze and understand what your tools and techniques are telling you, so that you can pivot on that information to detect even more.

If you’re constantly wondering just how many targets you’ve missed over the years or what your tools really do, this class is for you. In this class we will look at both passive and active methods, from basic tools that you probably already know a little, such as simple dig queries and Google hacking, all the way up to enumerating hosts and ports with Nmap, finding forms with Burp Suite and even automating scanning with Metasploit. We’ll also go into more depth on the tools to squeeze out every bit of information that can make or break our day.

What You Will Learn

  • Understand a structured approach to reconnaissance to ensure completeness and accuracy
  • Level up your existing tool knowledge by getting more out of the tools that you know about and learning new ones
  • Analyze some of the typical reconnaissance results that affect testing, such as hosted environments, content delivery networks, outsourced DNS, domain controllers, print servers, etc.
  • Build the skills to record findings as you conduct your testing


Duration:  12 Hours