Let’s start with the basics. In cybersecurity, reconnaissance (or recon) is the process of gathering information about a target. It’s the first real step in any penetration test, and it’s also one of the first things attackers do before launching an attack.

There are two types of recon: passive and active. We’ll get to active recon later – right now, we’re focused on passive.

So what makes recon passive?

Passive reconnaissance means you’re collecting information without directly interacting with the target. You’re not sending packets to their servers. You’re not scanning their network. You’re using publicly available information – stuff anyone could find if they knew where to look.

Part of the free Intro to Cyber course by Cover6 Solutions.