Search Open Technical Databases (T1596)

View on ATT&CK

In Playbook

Technique & Subtechniques

Associated Tactics

  • Reconnaissance

Reconnaissance (TA0043)

The adversary is trying to gather information they can use to plan future operations. Reconnaissance consists of techniques that involve adversaries actively or passively gathering information that can be used to support targeting. Such information may include details of the victim organization, infrastructure, or staff/personnel. This information can be leveraged by the adversary to aid in other phases of the adversary lifecycle, such as using gathered information to plan and execute Initial Access, to scope and prioritize post-compromise objectives, or to drive and lead further Reconnaissance efforts.

View on ATT&CK

Procedure Examples

Description Source(s)
CIRCL Computer Incident Response Center. (n.d.). Passive DNS. Retrieved October 20, 2020. Circl Passive DNS
Hacker Target. (n.d.). DNS Dumpster. Retrieved October 20, 2020. DNS Dumpster
Jain, M. (2019, September 16). Export & Download — SSL Certificate from Server (Site URL). Retrieved October 20, 2020. Medium SSL Cert
NTT America. (n.d.). Whois Lookup. Retrieved October 20, 2020. WHOIS
Shodan. (n.d.). Shodan. Retrieved October 20, 2020. Shodan
SSL Shopper. (n.d.). SSL Checker. Retrieved October 20, 2020. SSLShopper Lookup
Swisscom & Digital Shadows. (2017, September 6). Content Delivery Networks (CDNs) Can Leave You Exposed – How You Might Be Affected And What You Can Do About It. Retrieved October 20, 2020. DigitalShadows CDN