The process of collecting information about an intended target of a malicious hack without the target knowing what is occurring. Typical passive reconnaissance will include researching the target through common Internet tools, news goups, job postings, employee conversations and other public available records. The goal of this phase is to collect as much information as possible to be used in the latter stages of a security assessment.

Why do it?

The reason for this phase is to understand as much as possible about the intended target, this is exactly what a real world hacker would do prior to launching a vulnerability assessment or penetration test. Knowledge is power, the more information gathered, the easier the attack.

Red-Team offer this as a standalone offering. We can provide you with a detailed report of all the information that can be discovered using freely available resources. This will provide valuable information to you regarding the volume and nature of information available about your business, technologies and personel.

Fact - You are only as strong as your weakest link!