🦾 Active Information Gathering

Active information gathering is the process of collecting more information about the target network by directly interacting with the target.

Where passive reconnaissance relies on third-party sources, active information gathering sends traffic to the target itself: DNS enumeration (zone transfers, subdomain brute-forcing), port scanning, and service and OS fingerprinting. Because the target receives and can log this traffic, it is detectable, and doing it without authorization can be illegal; stay within the agreed scope. As with passive gathering, the goal is to collect as much information about the target as possible before moving on to exploitation.
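The following is an added example, not code from Nmap or any other tool on this page. It shows the core of what a port scanner does when it "directly interacts with the target": a TCP connect scan with banner grabbing, followed by a minimal banner-based service fingerprint. The listeners, ports and banners are constructed on 127.0.0.1 so it runs offline; the `SERVICE_SIGNATURES` table is a hypothetical four-entry stand-in for the thousands of probes a real scanner ships with.

```python
"""TCP connect scan with banner grabbing and a simple banner-based service
fingerprint. Added example for this page; not code from Nmap or any other
tool listed here. Target hosts, ports and banners are constructed locally."""
import re
import socket
import threading
from concurrent.futures import ThreadPoolExecutor
from typing import Dict, List, Optional

# Banner patterns used to guess the service. Hypothetical minimal table;
# real scanners (e.g. nmap -sV) ship thousands of probes and match lines.
SERVICE_SIGNATURES = [
    (re.compile(r"^SSH-\d\.\d-"), "ssh"),
    (re.compile(r"^220[ -].*(FTP|FileZilla|vsftpd)", re.I), "ftp"),
    (re.compile(r"^220[ -].*(SMTP|ESMTP|Postfix|Exim)", re.I), "smtp"),
    (re.compile(r"^HTTP/\d\.\d \d{3}"), "http"),
]


def identify_service(banner: str) -> str:
    """Map a banner to a service name; 'unknown' if no signature matches."""
    for pattern, name in SERVICE_SIGNATURES:
        if pattern.search(banner):
            return name
    return "unknown"


def grab_banner(host: str, port: int, timeout: float = 1.0) -> Optional[str]:
    """Full TCP connect to host:port (this is the noisy, loggable part of an
    active scan). Returns the banner text for an open port ('' if the service
    stays silent until it receives a request, as most HTTP servers do), or
    None if the port is closed or filtered."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.settimeout(timeout)
            try:
                data = sock.recv(256)
            except OSError:  # timeout or reset after connect: open but silent
                return ""
            return data.decode("utf-8", "replace").strip()
    except OSError:  # ECONNREFUSED, EHOSTUNREACH, connect timeout, ...
        return None


def scan(host: str, ports: List[int], workers: int = 32) -> Dict[int, dict]:
    """Scan ports concurrently; return {port: {'banner': str, 'service': str}}
    for open ports only (closed/filtered ports are omitted)."""
    with ThreadPoolExecutor(max_workers=workers) as pool:
        banners = list(pool.map(lambda p: grab_banner(host, p), ports))
    return {
        port: {"banner": banner, "service": identify_service(banner)}
        for port, banner in zip(ports, banners)
        if banner is not None
    }


def start_fake_service(banner: bytes) -> int:
    """Constructed target: a throwaway listener on 127.0.0.1 that sends
    `banner` on connect (or nothing, if banner is empty). Returns its port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    port = srv.getsockname()[1]

    def serve() -> None:
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:
                return
            with conn:
                if banner:
                    conn.sendall(banner)

    threading.Thread(target=serve, daemon=True).start()
    return port


def closed_port() -> int:
    """Constructed: allocate an ephemeral port and release it, so a connect
    to it is refused. Call this after starting the fake services."""
    tmp = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    tmp.bind(("127.0.0.1", 0))
    port = tmp.getsockname()[1]
    tmp.close()
    return port


if __name__ == "__main__":
    targets = [
        start_fake_service(b"SSH-2.0-OpenSSH_9.6\r\n"),
        start_fake_service(b"220 mail.example.test ESMTP Postfix\r\n"),
        start_fake_service(b""),  # silent, like an HTTP server awaiting a request
        closed_port(),
    ]
    for port, info in sorted(scan("127.0.0.1", targets).items()):
        print(f"{port}/tcp open  {info['service']:8} {info['banner']!r}")
```

Two points worth noticing: every open port here completes a full TCP handshake, which is exactly what the target's connection logs and IDS will record (a SYN scan such as Masscan's avoids the final ACK for that reason), and a silent port is still reported as open, since "no banner" is not the same as "closed"; a real scanner would follow up with protocol-specific probes.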

Active Information Gathering Tools:

Nmap : Network mapper tool for network discovery and security auditing.

Masscan : TCP port scanner that sends SYN packets asynchronously, reaching up to 10 million packets per second on suitable hardware.

Nessus : Vulnerability, configuration, and compliance assessment tool.

Metasploit Framework : Penetration testing framework for developing, testing and delivering exploits and payloads. It's an essential tool for many attackers and defenders.

Wireshark : Network protocol analyzer that lets you capture and interactively browse the traffic running on a computer network.

Aircrack-ng : A suite of tools to assess WiFi network security.

Netcat : Networking utility for reading from and writing to network connections using TCP or UDP.

Nikto : Web server scanner which performs comprehensive tests against web servers for multiple items, including dangerous files/CGIs.

OWASP ZAP : Intercepting proxy and scanner for finding vulnerabilities in web applications.

Burp Suite : Graphical tool for testing Web application security.

Hybrid Tools (used for both passive and active gathering):

SpiderFoot : Open-source intelligence (OSINT) automation tool. It integrates with just about every data source available.

CeWL : Custom Word List generator; spiders a target website and builds a wordlist from the words found on it.

FOCA : Tool used to find metadata and hidden information in documents published by the target.
