There are two main OSINT techniques that cybercriminals can use to gather information about an organisation and its security measures. The first is passive recon, which is mostly what’s been covered in this article. Passive recon gathers information that is widely available to the public. This information can be put together without directly engaging the target.
The other OSINT technique, known as active recon, is much riskier. This technique actively engages the target’s systems through tools like Nmap and provides much more accurate and up-to-date information. However, scanning a system for vulnerabilities can trigger intrusion detection systems (IDS) and intrusion prevention systems (IPS). Therefore, active scanning is more likely to be noticed by the target, giving them time to take action.
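To show why active scanning gets noticed, here is an added example (not from the original article) of the kind of heuristic a defender can run over connection logs: flag any source that touches many distinct ports on one host within a short window. The log format, the addresses (documentation ranges) and the thresholds are assumptions made for this illustration, not the behaviour of any particular IDS product.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log, one connection attempt per line:
# "ISO-timestamp src_ip dst_ip dst_port". Lines are in time order.
SAMPLE_LOG = """\
2024-01-01T10:00:00 198.51.100.7 192.0.2.10 443
2024-01-01T10:00:01 203.0.113.50 192.0.2.10 21
2024-01-01T10:00:02 203.0.113.50 192.0.2.10 22
2024-01-01T10:00:03 203.0.113.50 192.0.2.10 23
2024-01-01T10:00:04 198.51.100.7 192.0.2.10 443
2024-01-01T10:00:04 203.0.113.50 192.0.2.10 25
2024-01-01T10:00:05 203.0.113.50 192.0.2.10 80
2024-01-01T10:00:06 203.0.113.50 192.0.2.10 110
2024-01-01T10:00:20 198.51.100.7 192.0.2.10 80
2024-01-01T10:00:40 198.51.100.7 192.0.2.10 443
"""


def find_scanners(log_text, window=timedelta(seconds=60), max_ports=5):
    """Return {src_ip: sorted ports} for every source that touched more
    than max_ports distinct ports on one destination inside the window."""
    recent = defaultdict(deque)  # (src, dst) -> deque of (time, port)
    flagged = {}
    for line in log_text.strip().splitlines():
        ts, src, dst, port = line.split()
        now = datetime.fromisoformat(ts)
        events = recent[(src, dst)]
        events.append((now, int(port)))
        # Drop events that have fallen out of the sliding window.
        while now - events[0][0] > window:
            events.popleft()
        ports = {p for _, p in events}
        if len(ports) > max_ports:
            flagged.setdefault(src, set()).update(ports)
    return {src: sorted(ports) for src, ports in flagged.items()}


if __name__ == "__main__":
    for src, ports in find_scanners(SAMPLE_LOG).items():
        print(f"possible port scan from {src}: ports {ports}")
```

The ordinary client that keeps returning to ports 443 and 80 stays below the threshold, while the source that sweeps six ports in six seconds is flagged.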