Active

Active reconnaissance is a technique used in cybersecurity, particularly in penetration testing or hacking, where an attacker directly interacts with the target system or network to collect information. This phase of the assessment involves actively engaging with the target to identify potential vulnerabilities, such as by scanning for open ports, probing for network services, or detecting the operating system.

Unlike passive reconnaissance, which relies solely on publicly available data and does not directly interact with the target, active reconnaissance involves more intrusive methods. These might include visiting the target's website, making phone calls, or performing network scans. Since active reconnaissance generates network traffic and can trigger security alerts, it is more likely to be detected by the target’s security systems.

Active methods can leave traces, such as logs showing connection details, making it essential to have legal authorization before conducting such activities. However, skilled attackers can sometimes disguise their activities to blend in with normal traffic, reducing the likelihood of detection.

Last updated