Welcome to CyberCode Academy — your audio classroom for Programming and Cybersecurity. 🎧 Each course is divided into a series of short, focused episodes that take you from beginner to advanced level — one lesson at a time. From Python and web development to ethical hacking and digital defense, our content transforms complex concepts into simple, engaging audio learning. Study anywhere, anytime — and level up your skills with CyberCode Academy. 🚀 Learn. Code. Secure.
All content for CyberCode Academy is the property of CyberCode Academy and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
Welcome to CyberCode Academy — your audio classroom for Programming and Cybersecurity. 🎧 Each course is divided into a series of short, focused episodes that take you from beginner to advanced level — one lesson at a time. From Python and web development to ethical hacking and digital defense, our content transforms complex concepts into simple, engaging audio learning. Study anywhere, anytime — and level up your skills with CyberCode Academy. 🚀 Learn. Code. Secure.
In this lesson, you’ll learn about: Conducting a Multi‑Stage OSINT Campaign Using Recon‑ng 1. Initial Data Harvesting & Database Population The OSINT campaign begins by creating a dedicated workspace and planning the stages of information gathering. The first objective is to populate core database tables—contacts and hosts. Contact Gathering
PGP search modules identify additional contacts by searching for PGP keys associated with the target domain.
Host Discovery
bing_domain_web module scans the domain to enumerate subdomains and hostnames.
brute_hosts module brute‑forces common hostnames to uncover additional active hosts not found through search engines.
File Analysis
Once the hosts table is filled, the interesting_files module scans discovered hosts for publicly accessible files such as:
sitemap.xml
phpinfo.php
Test files These files may contain operational details useful for further analysis.
2. Contact Optimization & Breach Assessment This phase enhances collected contact data and checks whether employees or organizational accounts have been compromised. Email Construction Using Mangle
The mangle module builds complete email addresses using partial names and organizational naming patterns.
It combines first/last names with the domain to produce likely valid addresses.
Breach Monitoring Using HIBP
hibp_breach module checks if collected or constructed emails were exposed in known credential leaks.
hibp_paste module searches paste sites for leaked emails or credentials.
Any hits are stored in the credentials table for responsible reporting and remediation.
3. Geolocation of Target Servers This stage identifies the physical locations of the target’s online infrastructure. IP Resolution
The resolve module converts hostnames into IP addresses and updates host entries.
Geolocation
The free_geoip module geolocates IPs, revealing the server’s approximate city, region, and country.
Location details are appended to the host’s database record.
Shodan Integration (Optional)
When a Shodan API key is available:
Latitude/longitude data is used by the shodan module to gather additional OSINT such as services, banners, and exposed ports.
4. Comprehensive Software Stack Profiling The final stage performs a deep analysis of the technologies behind the target website. BuiltWith Technology Scan
The BuiltWith module identifies:
Web technologies (e.g., Apache, Nginx, Ubuntu)
Infrastructure providers (e.g., AWS)
Associated tools (jQuery, New Relic, Analytics services)
For large domains, the scan may return hundreds of data points, greatly enriching the OSINT profile.
Additional Discoveries
Administrative contacts
Social media integrations
CDN details
Heat‑mapping and analytics tools (e.g., Mouseflow)
Optimization platforms (e.g., Optimizely)
Summary By the end of this lesson, students understand how to conduct a complete OSINT workflow using Recon‑ng:
Populate key database tables
Form accurate contact and host profiles
Identify data breaches ethically
Geolocate infrastructure
Profile the full technology stack of a target domain
This staged approach reflects real-world ethical OSINT methodology and supports responsible security...
CyberCode Academy
Welcome to CyberCode Academy — your audio classroom for Programming and Cybersecurity. 🎧 Each course is divided into a series of short, focused episodes that take you from beginner to advanced level — one lesson at a time. From Python and web development to ethical hacking and digital defense, our content transforms complex concepts into simple, engaging audio learning. Study anywhere, anytime — and level up your skills with CyberCode Academy. 🚀 Learn. Code. Secure.
