Gathering

Part of the process of a pentest or general knowledge of a target is to know what we are facing and who is on the other side. An attacker or researcher will try to collect all the information possible about a target, we call this Gathering, the Information collection includes information that is shared consciously or not by an organization and that is public. This entire process is also called recognition and is, without a doubt, one of the most important in the process of intrusion and/or investigation.

Traditionally, the information collection process is divided into two phases.

1: External/Footprinting

The first details the procedure followed to collect information external to the organization.

2: Internal/Footprinting

This focuses on the activities that can be carried out once the attacker has gained partial access to the internal network, and where he will try to obtain as much information as possible, to continue escalating the attack to other computers within the

the organization (this concept will be seen as part of the post-exploitation process).

Know your enemy as yourself

Information is an important asset, being aware that it is exposed within our organizations will provide us with the knowledge to protect ourselves, however it will also be a protection tool since knowing the information of a possible attacker or that we have exposed will help us improve infrastructure security.