Reconnaissance

Reconnaissance consists of techniques adversaries use to gather information about an application’s architecture, exposed interfaces, dependencies, and runtime environment in order to identify potential attack vectors. This includes harvesting API specifications, scraping public code repositories, querying cloud metadata services, and mapping feature flags or configuration settings. By building a detailed view of an application’s attack surface - across web, mobile, API, and serverless components - threat actors can prioritize high-value targets and tailor subsequent operations for successful intrusion.