Passive information gathering 2.0 – the next level
Every security professional is aware of the information gathering techniques discussed in the previous recipe. Some other techniques are neglected by analysts because they are less popular and less well known, yet they can produce results as good as the previous ones. The techniques we will discuss here involve a deeper analysis of our target, though we will still be using a passive approach. They do not require the use of Metasploit, but since information gathering is an important part of penetration testing, we will discuss them here.
Getting ready
We will cover three techniques in this recipe:
Zone transfer: This can be performed using the terminal.
SMTP header: For this technique, we will need an e-mail sent by the target to the penetration tester.
Google dork: This is a simple, yet useful, technique for gaining information through a search engine.
Let us start with zone transfer.