Active
Last updated
Last updated
The active recon chain is somehow pretty obvious, you find the target ( might have done this in the passive recon phase), trace the route to target IP or network and try to map the network as best as you can, search for open ports and services, if its a web app try using it and viewing the source code or use browser extensions that can give you some info about the technologies and apps behind it, finally move on to the next phase ( threat modeling or vulnerability assessment ).
Although using vulnerability scanners is not usual in advanced pentesting or red team engagements, its useful to know about different vulnscanners out there