Tag: reconnaissance


UAV/Drones Tending Crops

Unmanned Aerial Vehicles (UAV), aka drones, are being used to monitor agricultural crops and larger drones can deliver water, fertilizer and pesticides with precision. They tend to be more cost effective than conventional crop spraying aircraft with pilots. VIDEO – Using cutting-edge technology to improve farming – unmanned aerial vehicles – [bbc.co.uk] Unmanned aerial vehicle […]

Shodan – Hackers Search Engine

Shodan is a hackers' search engine that can help you find any device connected to the internet. Shodan: Search Engine for Hackers – [youtube.com] Shodan has been getting a lot of publicity lately as a “scary” search engine that can be used to facilitate hacking. Annie explains how the site works, and talks with Shodan […]

P0f v3 Fingerprinting Tool (new release)

For a long time, p0f has filled a mostly empty space for passive reconnaissance tools. There is now an updated version (a release candidate) with some new features. p0f v3 (release candidate 0) – [coredump.cx] 1. What’s this? P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify […]

nmap 5.20

Nmap, the free, open source utility that has become a basic tool for many network security professionals, has released a new version. Nmap 5.20 Released – [nmap.org] Happy new year, everyone. I’m happy to announce Nmap 5.20–our first stable Nmap release since 5.00 last July! It offers more than 150 significant improvements, including: o 30+ […]


Kismet is a powerful wireless sniffer that offers excellent passive reconnaissance of wireless networks. It requires a wireless card that supports rfmon (monitor) mode and runs on Linux. It is available as a standalone application and is also found on the BackTrack CD compilation. Kismet – [kismetwireless.net] What is Kismet? Kismet is an 802.11 layer2 […]


Stealth techniques can aid an attacker in a variety of ways: concealing a presence on a system; concealing command and control channels; concealing information gathering; concealing data exfiltration. Stealth techniques are usually used in two primary categories: Root kits Hidden files – this includes both program related files and data files and often an entire […]

Sniffing recon

Performing reconnaissance by sniffing packets requires access to the network data stream. In most cases, that implies some form of attacker presence already inside the network perimeter. Given that it is possible to sniff packets, a variety of interesting analysis techniques become possible. Passive target location – packet analysis tools easily collect IP addresses and […]

Network scanning recon

Network scanning usually begins with discovering ranges of IP addresses and then specific systems within those ranges. Once the live systems have been located, they are scanned for responding ports and an attempt is made to identify the services running on the ports and the versions of the services. Once this map is filled in, […]

Google recon

Going beyond simply reading a web page and extracting helpful information from it, Google can be used to find much more information that can aid an attacker. Searching for target information – the attacker often begins by doing simple searches and building some kind of knowledge record or map of what they have learned. This […]

General recon

General reconnaissance includes all the conventional means of collecting information that are not included in the other recon techniques: Public record research – most of this type of research used to be done in a library but now can be done online. Any company that is publicly traded on a stock exchange is required to […]