Reconnaissance (recon) is the information-gathering phase of a penetration test or attack. It involves collecting data about the target — IP addresses, domain names, employee information, technology stack, network topology — to identify potential attack vectors. Recon is divided into passive (no direct interaction with the target) and active (directly probing the target's systems).
Thorough reconnaissance determines the quality of everything that follows. Attackers who skip recon miss attack vectors; those who invest in it find paths that others overlook. The same applies to penetration testing.
Redsight's discovery and recon phases use 20+ tools to map your complete external attack surface before vulnerability testing begins.
Get started in minutes. No contracts, no commitments.
Start Scanning →