Attack Prelude: OSINT Practice and Automation
iSpeech
Collecting and analyzing public information on the target, aka Open Source Intelligence (OSINT), is a mandatory stage of a modern pentest. The value of such analysis is difficult to overestimate, however, only few people treat it with due attention. Some even skip this stage and start vulnerability scanning right away. It is a mistake, because collecting information on systems and personnel in the area of testing usually plays a crucial role in security audit and is essential for success of an audit conducted with the use of social engineering techniques.
Any use of this material without the express consent of Positive Technologies is prohibited.
2013-11-01 16:21:03
source
Gloss