Passive Reconnaissance Tactics - JimKnee-Champ/Ethical-Hacking-Journal GitHub Wiki

Passive Recon deals with indirectly gathering information about targets, using the dearth of information available online.

Archives can be used to gain information from past iterations of a website.

Google or any web search tool can be used to identify weak points such as targets for social engineering, information about servers, sensitive files, and any known but not patched vulnerabilities. Interesting folks Server info Sensitive files Vulnerabilities/footholds

Shodan.io Netcraft nslookup on command line Passive recon tools: The H/harvester: query multiple search engines Netcraft: provides technical reports on websites Metagoofil: metadata analysis of publicly available files