Perform reconnaissance & create a report of your findings. In this assignment we will be looking at the reconnaissance phase of penetration testing. Reconnaissance itself has three phases: $1)$ footprinting $($information gathering$),2)$ scanning $($target discovery$)$ and $3)$ enumerating. We will focus on footprinting. It's important to have a clear understanding of the client's systems and operations before you begin exploiting.

Some common reconnaissance $($footprinting$)$ methods include:

search engine queries to gather data about personnel, systems or technologies of the client

domain name searches, WHOIS lookups, and reverse DNS to get subdomains, people's names and data about the attack surface

contacting the organization to find out positions, technologies, email addresses

Internet foot$-$printing looking for email addresses, social accounts, names, positions $($look at job postings, linked in profiles etc.$)$

Dumpster diving for valuable data that may be used for attacks or social engineering

Tailgating to get physical access or pictures with hidden camera

search Internet maps for physical building layouts

Choose a target $($a company or organization$)$ to perform the first phase of reconnaissance: information gathering. You can use the organization in the RFP you chose for the Scoping assignment, or another one. It is up to you.

Your mission is to perform "reconnaissance on your selected target. Do not use any phishing attacks on the target. Only use information that is publicly available.

Prepare your report. The audience for this report is executive and management.

The report should be no longer than five pages and cover the scope, methodology, and factual information gleaned from the different sources. The information needs to be presented in an efficient readable manner.

Tables of contents

Scope and Purpose

Items found

Names of people w$/$title and org

Names & IP numbers of possible targets

Emails of target $($only$)$

Expiration date of domain

Network Block w$/$ gateway

Any other relative potentially useful information

Potential system types