In this chapter, we have discussed the importance of conducting reconnaissance prior to attacking a target. The information gathered during this phase is vital to the later phases of penetration testing. Information gathering helps create the foundation for the penetration tester's research of a target's security vulnerabilities, which is required for system and network exploitation.

We outlined the differences between reconnaissance and footprinting, and we also took a look at how to use various OSINT tools to obtain information about various targets.

In the next chapter, Active Information Gathering, we will be covering further topics on information gathering.