One of the easiest ways to obtain information about a target is by utilizing public scan databases. This allows us to passively collect data normally obtained througha ctive scanning such as IP addresses, hostnames, open ports, certificates, banners, and sometimes even vulnerabilities.
