The reconnaissance phase
Let's case the joint, looking for tip-offs about possible exploits into the site and server.
Note
Surely this is irrelevant for a site that, after all, belongs to me?
For us, scanning is more vital, sure, but recon finds potentially devastating info leaks whether personally, for a company, for machines, and for sites. Plugging leaks aside, often the most important lesson is how not to ask for help online.
Also, assisting Chapter 8, you can expect to find pilfered content and, as a bonus, will learn tons about the quality of your search engine optimization.
We'll consider what to look for, then how to look for it. From there, while it's nigh on impossible to keep everything under wraps, you can take steps to cloak sensitive leaks and to consider the security culture that allows for leaks.
What to look for
Here's what your average Joe Hacker is looking for:
Domains, sub-domains, and associate domains of, say, clients
Registrar and hosting info, renewal dates, IP addresses and...
