Course 9 - Reconnaissance and Enumeration
Reconnaissance and enumeration are stages near the beginning of the pentesting process. Both are critical to engaging with a target.
Reconnaissance, in keeping with the word's general meaning, is the initial process of researching and gathering information about a system.
Active reconnaissance is the process of directly interacting with a system to gain information. Direct interaction includes scanning for vulnerabilities or port scanning (Course 10).
Passive reconnaissance is the process of indirectly gathering information about a system. Passive reconnaissance is much safer if you do not want to alert system users that they are being attacked. Indirectly gathering information can include doing external research on the target using the internet or other sources.
Both active and passive reconnaissance are used by pentesters (and hackers) to gather information about targets; neither one is better than the other. For hackers, initial research on a target is crucial in order to understand systems before exploiting them.
Enumeration is a more technical form of reconnaissance. Enumeration is the process of directly gathering information from a target. Enumeration and active reconnaissance are almost interchangeable. While active reconnaissance can just be any interaction with the system, like visiting its website, enumeration refers to the start of the hacking process. At this stage, hackers attempt to discover network structures, connected nodes, open ports, etc.
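Active reconnaissance and enumeration touch the target directly, so they leave traces that passive reconnaissance does not. The following is an added example from the defender's side, not part of the original course: it flags any source that connects to many distinct ports on one host within a short window. The log format, the sample lines, and the names parse and find_port_sweeps are assumptions made for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample firewall log (not real traffic); the line format is assumed.
SAMPLE_LOG = """\
2024-05-01T10:00:00 DENY TCP 203.0.113.7:40112 -> 192.0.2.10:21
2024-05-01T10:00:01 ALLOW TCP 203.0.113.7:40113 -> 192.0.2.10:22
2024-05-01T10:00:02 DENY TCP 203.0.113.7:40114 -> 192.0.2.10:23
2024-05-01T10:00:03 DENY TCP 203.0.113.7:40115 -> 192.0.2.10:25
2024-05-01T10:00:04 ALLOW TCP 203.0.113.7:40116 -> 192.0.2.10:80
2024-05-01T10:00:05 ALLOW TCP 203.0.113.7:40117 -> 192.0.2.10:443
2024-05-01T10:00:30 ALLOW TCP 198.51.100.44:51000 -> 192.0.2.10:25
2024-05-01T10:05:30 ALLOW TCP 198.51.100.44:51001 -> 192.0.2.10:110
2024-05-01T10:10:30 ALLOW TCP 198.51.100.44:51002 -> 192.0.2.10:143
2024-05-01T10:15:30 ALLOW TCP 198.51.100.44:51003 -> 192.0.2.10:993
2024-05-01T10:20:30 ALLOW TCP 198.51.100.44:51004 -> 192.0.2.10:995
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>ALLOW|DENY) TCP "
    r"(?P<src>[\d.]+):\d+ -> (?P<dst>[\d.]+):(?P<dport>\d+)$"
)

def parse(log_text):
    """Return time-sorted (timestamp, src, dst, dst_port) tuples; skip unparsable lines."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            events.append((datetime.fromisoformat(m["ts"]), m["src"], m["dst"], int(m["dport"])))
    return sorted(events)

def find_port_sweeps(log_text, min_ports=5, window=timedelta(seconds=60)):
    """Map (src, dst) to the ports hit when src reached >= min_ports distinct ports on dst within window."""
    by_pair = defaultdict(list)
    for ts, src, dst, port in parse(log_text):
        by_pair[(src, dst)].append((ts, port))
    findings = {}
    for pair, hits in by_pair.items():
        start = 0
        for end in range(len(hits)):
            # Slide the window start forward until it spans at most `window`.
            while hits[end][0] - hits[start][0] > window:
                start += 1
            ports = {p for _, p in hits[start:end + 1]}
            if len(ports) >= min_ports and len(ports) > len(findings.get(pair, [])):
                findings[pair] = sorted(ports)
    return findings
```

With the default 60-second window only the fast sweep from 203.0.113.7 is reported; the second source touches five ports too, but spread over twenty minutes, which shows how the chosen window and threshold decide what a defender sees.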