Beginners guide to hacking and penetration testing (2017)
Mapping reconnaissance should not be underestimated either. From the comfort from our computer at home, work, or even the local coffee shop we can view an incredible amount of data. Outside building information, wireless access points nearby, network information, we can even potentially find out where pictures that they have posted were taken.
First up is Wigle (https://wigle.net/index). This is an interesting publicly updated wireless network map
that ties into Google Maps. You can find open Wi-Fi, closed, and cell with this tool. You can also search by address, map, or satellite. This is a great tool for seeing if there is information already posted on your target.
Shodan is another amazing search engine that can be used for reconnaissance. Shodan will search for
any internet connected devices, such as routers, switches, webcams, refrigerators, IoT devices, etc.
You can also search for default passwords by entering in the string "default password". In the example above we can see 63,422 results. In most cases we can see the IP address, location, MAC, Hostname, Product, version, authentication name and password.
Another mapping tool is GeoImgr (http://www.geoimgr.com/en/tool) which you can upload images to
see if they were geotagged. If they were the location will be displayed on the map along with the Latitude and longitude. To check simply click the "Upload a photo" button and upload the image. If there is a location associated with that image it will be displayed.
Google Maps can help provide Arial information to locations that you may not have access to otherwise. The great thing about this is that we can get detailed mapping information, without risking being scene. Where are their dumpsters located? What is the building layout? Where are the fences?
While an overhead map can yield important information, sometimes a on the ground view is needed, this is where Google Streetview can come in handy.