Cybersecurity reconnaissance is every offensive security professional’s bread and butter. Whether it’s penetration testing, bug bounty hunting, or security research, recon is an essential component in an offensive security toolkit.
This course is a deep-dive into security recon and the various techniques we use to find threats in applications of all kinds. Using hands-on labs to perform these activities in real-world environments, we’ll be learning how to do manual and automated recon, how coding factors into your recon strategies, and perform subdomain discovery and bruteforcing.
In addition, we’re going to train in bucket hunting, github recon, dorking, analyzing JS files, and a whole lot more. Upon completing this course, you’ll have mastered several techniques and strategies in security recon which you can use in the real world.
Not Applicable for this course
Recon is just the beginning but it can be Big
Finding Good Programs to Hack On
How to Approach Recon - Manual vs. Automated
The Importance of Coding in Recon
Subdomain Discovery - Initial Contact with the Target
Subdomain Discovery - Eliminating the Noise
Directory Bruteforcing - Attack from Multiple Front
Buckets, Dorks, Github, and Shodan Research
Nmap, Nikto and Burp-ZAP - Increasing the Attack Surface
The Never-Ending JS Files
Digging into The Past with WaybackMachine
A Primer on Reporting - Don't Sabotage Yourself
The Exciting Journey Ahead