Tag: Recon

Shodan – Hackers Search Engine

Shodan is a hackers' search engine that can help you find any device connected to the internet. Shodan: Search Engine for Hackers – [youtube.com] Shodan has been getting a lot of publicity lately as a “scary” search engine that can be used to facilitate hacking. Annie explains how the site works, and talks with Shodan […]

Operations Security = OPSEC

Operations Security or OPSEC is about identifying critical information that can be used against you by an opponent and minimizing access to that information. This is a subprocess of risk assessment and follows the same basic process flow: characterization and scope determination; assessment of threats; assessment of vulnerabilities; likelihood and impact analysis; determine risk […]

Core Impact

Core Impact is a professional penetration testing framework that can operate in both automated and manual modes. It is very expensive, but sets the standard to measure other tools against. It comes with a constantly updated, state-of-the-art collection of exploit code. Core can either perform its own reconnaissance or can […]


Kismet is a powerful wireless sniffer that offers excellent passive reconnaissance of wireless networks. It requires a wireless card that supports rfmon (monitor) mode and runs on Linux. It is available as a standalone application and is also found on the Backtrack CD compilation. Kismet – [kismetwireless.net] What is Kismet? Kismet is an 802.11 layer2 […]


Backtrack is a bootable live CD that is a compilation of network security tools. Based on SLAX, Backtrack 3 currently has over 300 tools. Backtrack is available from remote-exploit.org. Every package, kernel configuration and script is optimized to be used by security penetration testers. Patches and automation have been added, applied or developed to provide a […]


First released by Fyodor in a 1997 issue of Phrack magazine, nmap has become the de facto standard for network scanning and port scanning tools. Nmap is free and open-source, is now available in versions for most major OS platforms, and includes features for OS identification, service version detection, a scripting engine, multi-probe scanning, a […]

Pivot recon

In order to launch a pivot attack against another system, the attacker needs standard recon information. This includes the IP address, the ports that are open and the services responding on those ports, the type and version of OS being used, and possibly vulnerabilities that can be detected. This information can be collected in some cases simply […]

Sniffing recon

Performing reconnaissance by sniffing packets requires access to the network data stream. In most cases, that implies some form of attacker presence already inside the network perimeter. Given that it is possible to sniff packets, a variety of interesting analysis techniques become possible. Passive target location – packet analysis tools easily collect IP addresses and […]

Network scanning recon

Network scanning usually begins with discovering ranges of IP addresses and then specific systems within those ranges. Once the live systems have been located, they are scanned for responding ports and an attempt is made to identify the services running on the ports and the versions of the services. Once this map is filled in, […]

Google recon

Going beyond simply reading a web page and extracting helpful information from it, Google can be used to find much more information that can aid an attacker. Searching for target information – the attacker often begins by doing simple searches and building some kind of knowledge record or map of what they have learned. This […]