Passive Reconnaissance | Tryhackme Walkthrough
Learn about the essential tools for passive reconnaissance, such as whois, nslookup, and dig.
Introduction
In this room, after we define passive reconnaissance and active reconnaissance, we focus on essential tools related to passive reconnaissance. We will learn three command-line tools:
whoisto query WHOIS serversnslookupto query DNS serversdigto query DNS servers
We use whois to query WHOIS records, while we use nslookup and dig to query DNS database records. These are all publicly available records and hence do not alert the target.
We will also learn the usage of two online services:
- DNSDumpster
- Shodan.io
These two online services allow us to collect information about our target without directly connecting to it.
Pre-requisites: This room requires basic networking knowledge along with basic familiarity with the command line. The modules Network Fundamentals and Linux Fundamentals provide the required knowledge if necessary.
Important Notice: Please note that if you’re not subscribed, the AttackBox won’t have Internet access, so you will need to use the VPN to complete the questions that require Internet access.
Passive Versus Active Recon
