INTELLIGENCE GATHERING
Intelligence gathering follows the pre-engagement
activities as the second step in a penetration test. Your
goals during intelligence gathering should be to gain
accurate information about your targets without revealing
your presence or your intentions, to learn how the
organization operates, and to determine the best route
of entry. If you don’t do a thorough job of intelligence gathering, you may
miss vulnerable systems or viable attack vectors. It takes time and patience to
sort through web pages, perform Google hacking, and map systems thoroughly
in an attempt to understand the infrastructure of a particular target.
Intelligence gathering requires careful planning, research, and, most importantly,
the ability to think like an attacker. At this step, you will attempt to collect
as much information about the target environment as possible. This can
be an expansive amount of information, and even the most trivial data gathered
during this stage can prove useful later on, so pay attention.
Before you begin intelligence gathering, consider how you will record
everything you do and the results you achieve. You must remember and record