Every meticulous APT attack starts with a comprehensive intelligence gathering that includes getting to know the target before proceeding to a more invasive act. In this research paper, I shall discuss the reconnaissance process performed on a potential target from the perspective of the adversary.
This demonstration will show how much information can be harvested from a hypothetical targeted entity, using techniques, tools, and procedures (TTP) which are available to literally anyone.
Some may suggest that certain threat actors do not necessarily use conventional means/sources since they can afford more elaborate means for collecting their intelligence (“intel”). While this may be true, such means are generally unnecessary due to the amount of intel that can be gathered by open source intelligence (OSINT).
Full research paper