关键词: 渗透测试, 信息搜集, Kali Linux, 漏洞, 防范措施

Abstract: Penetration test does a thorough security review for network system and gives the advice of vulnerability or inappropriate configuration by simulating real attacks. As the first stage of life cycle of penetration test, the task of information collection is to collect detailed information, which determines the success of a whole penetration test to a large extent. This paper studies the various methods and technology in the information gathering stage, puts the tools provided by Kali Linux into practice, summaries the common vulnerability in this stage and proposes a comprehensive preventive measure in the end.Key wordspenetration test; information gathering; Kali Linux; vulnerability; preventive measure

Key words: penetration test, information gathering, Kali Linux, vulnerability, preventive measure