Please, I'm starting at the hacking world and I'm trying to get the core of so called hacking phases. I'm currently studying an Web App hacking book and would like to clear up this concept.
What I understood from my readings...
- OSINT (would be) a set of only passive techniques to gain target information. (?)
- Footprinting (would be) an active process of mapping the network and systems. (?)
- Recon (would be) the final result of both proccess discribed. (?)
Sorry if it's a silly question, but I really want to have a systematic understanding of pen testing.
I appreciate any indications. :)