So, two guys from sensepost are doing this training on hacking by numbers.
Interesting stuff, it basically boils down to: get as much as possible information on your target. Do this by utilizing public sources [think google [link:], netcraft, ARIN, msn.livesearch.com [ip:], kartoo.com and the likes] and reverse the pointers you find there. See what else is hosted on these IP addresses, see what other domains are registered and|or linked. Check for 'backlinks' that might indicate strong ties between companies.
And keep doing the:
Lots of domains
Find what we really need
Both Nick & Jeremy keep saying: "Remember, domain names are IP addresses and IP addresses are points of attack"
Last but not least:
Find out private information of key individuals for social engineering.
Oh and for our hosts, this is for you :D
Peeps & posts [from] here:
Petko D. Petkov
PortSwigger & Marcus
And some who are not: