• The first phase started with intelligence gathering about the targets. The attackers spend a considerable amount of time collecting information that is beneficial in constructing the attack surface. The attackers search for online social networks and other repositories containing background details of the target. This process is called Open Source Intelligence (OSINT) in which freely available resources on the Internet are queried to extract information to support initial steps in targeted attacks. OSINT should not be confused with Open Source Software (OSS) as these are both different elements. The presence of “Open ...