When google is combined with an ethical hack or penetration test, you may utilize the service to track back users, social media accounts, old posts, and other information. This information is not only limited to users but may also glean information on the technologies that they are utilizing and may also provide a successful reverse engineering point in order to gain access to the company. For example: If company X system administrator posted in a forum asking for information configuring a sonic wall firewall you can utilize that information and the details they posted to gather their sense of security and some of the technologies they are utilizing! And, of course the user who posted information can also be targeted! 

Whois searches provide information about e-mail addresses, server information, location name servers, physical locations as well as a potential point of social engineering (if a user name is utilize instead of soc/This email address is being protected from spambots. You need JavaScript enabled to view it.). From this information you can grow the details of the target in great detail. You may also obtain phone numbers that may be tracked back to users or used on social media!

This segment discusses how you may find users in order to launch effective social engineering or reverse engineering attacks. Isolation of users, or people close to them (given terms of engagement) in order to attack and track back to your intended target or the intended target and his or her employment / network. Isolation of users plays key roles if the technologies in use are applied effectively and may hamper a successful exploitation of the systems or services the company is utilizing and secured properly.

 DNS interrogation can help assist in an ethical hack or penetration test regarding the structure of the internal network, and what locations the target may have. This view may provide test servers, or other internal locations where launching exploits may be beneficial (say a windows 2000 box, or older operating systems that may contain multiple vulnerabilities).

 Documentation utilizing traceroute for minimal information gathering. Advanced techniques will be discussed in additional modules.