Hands-On Web Penetration Testing with Metasploit

Introduction to reconnaissance

In a nutshell, reconnaissance (recon) is the phase in which the pentester gathers as much information as possible about the web application they are testing. Reconnaissance can be categorized into two types:

  • Active reconnaissance: Collecting information on the target and from the target
  • Passive reconnaissance: Collecting information on the target via third-party sources

Let's look at both of them in detail in the following sections.