Tradecraft Security WeeklySubscribe

OSINT and External Recon Part 1 – Host Discovery – Tradecraft Security Weekly #8

Look Mom, No Packets!

During the reconnaissance phase of a penetration test being able to discover the external assets of an organization is extremely important. It is also important to do so as stealthily as possible. Using open-source tools and techniques it is possible to enumerate an organizations external assets without sending any packets directly from your computer system to the target organization's network. In this episode of Tradecraft Security Weekly Beau Bullock (@dafthack) shows you how to use Recon-NG, Datasploit, Shodan and more!.


  1. Recon-ng
  2. Datasploit
  3. Spiderfoot
  4. Censys
  5. Shodan
  6. Threatcrowd
  7. HackerTarget
  8. Netcraft
  9. Certificate Search Tool -
  10. Internet-Wide Scan Data Repository

Full Show Notes

[audio src=""]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.