Not an Issue just a question
Snowman-of-Fire opened this issue · comments
Sorry, I wasn't sure where to leave my question, so I put it as an issue. It really deals with cyber security, but I have no idea where to ask so I figured I would try you guys.
I have been recently looking into things of cyber reconnaissance lately, and everything seems to have the idea that the target of reconnaissance is known beforehand. My question would be then, can you do reconnaissance on an initially unknown target?
An example of this would be that there are two computers in closed rooms that have no knowledge of each other and they are both connected to the internet. Can one somehow discover the other? If so how?
Start from relevance targets associated with your target
Example:
Website_A is secured by cloudflare CDN, you have no idea what its IP address is
You can then search its content or fingerprints for records on services such as Censys or Shodan
See if the target servers were exposed to public and accessible
And then just simply start the penetration testing SOP