The most important process during a penetration test is the information-gathering phase. During this phase, we investigate our target with the goal of learning everything about it. We should attempt to gather information, such as usernames, possible passwords, additional hosts and services, including version banners, among many other interesting bits of data. The information we discover could be invaluable in further stages of our penetration test.
There are several tools depending on many different external data sources and techniques that help us successfully complete this phase. The effectiveness of this phase will be using all resources available at our disposal. Dare to ignore or neglect any of them, and you could be missing out on the one piece of information that you need to completely compromise your target.
Nmap is well known for its information-gathering capabilities, such as OS fingerprinting...