By admin

The Intelligence Gathering levels are currently split into three categories, and a typical example is given for each one. These should guide the addition of techniques to the document below. For example, an intensive activity such as creating a Facebook profile and analyzing the target’s social network is appropriate in more advanced cases, and should be labeled with the appropriate level. See the mindmap below for examples.
Level 1 Information Gathering
(think: Compliance Driven) Mainly a click-button information gathering process. This level of information can be obtained almost entirely by automated tools. It is the bare minimum needed to say you did intelligence gathering (IG) for a penetration test (PT).
Acme Corporation is required to be compliant with PCI / FISMA / HIPAA. A Level 1 information gathering effort should be appropriate to meet the compliance requirement.
Level 2 Information Gathering
(think: Best Practice) This level can be created using automated tools from Level 1 and some manual analysis. A good understanding of the business, including information such as physical location, business relationships, org chart, etc.
Widgets Inc is required to be in compliance with PCI, but is interested in their long term security strategy, and is acquiring several smaller widget manufacturers. A Level 2 information gathering effort should be appropriate to meet their needs.
Assignment
The Intelligence Gathering guidance for a penetration test provides a standard designed specifically for the pentester performing reconnaissance against a target (typically corporate, military, or related). The document details the thought process and goals of pentesting reconnaissance and, when used properly, helps the reader produce a highly strategic plan for attacking a target.
Review Level 1 and Level 2 Intelligence Gathering criteria and conduct an intelligence gathering exercise against a target of your choosing. At a minimum, include the following:
Corporate
Logical
Electronic
Infrastructure Assets
Financial
Social Media
Passive Reconnaissance (subcategories as you see fit)
Active Footprinting
