# active-vs-passive

**Passive Recon**

* No Direct Interaction with the target
  * Whois, Google, Shodan, crt.sh, subdomain enum (passive)

**Active Recon**

* Direct Interaction with the target
  * Ping, DNS queries, port scan, service detection