Int. J. Information Privacy, Security and Integrity, Vol. 2, No. 3, 2016

Copyright © 2016 Inderscience Enterprises Ltd.

Performance evaluation of cyber reconnaissance tools

Ha Thanh Le*
Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg, 4, rue Alphonse Weicker, L-2721, Luxembourg
Email: hathanh.le@uni.lu
*Corresponding author

Peter Loh
Singapore Institute of Technology, 10 Dover Drive, 138683, Singapore
Email: peter.loh@singaporetech.edu.sg

Chiew Tong Lau
School of Computer Engineering, Nanyang Technological University, Block N4, #02B-58, Nanyang Avenue, 639798, Singapore
Email: asctlau@ntu.edu.sg

Abstract: The stealthy reconnaissance phase is crucial in a cyber-attack. Reconnaissance tools are usually constrained by the need to balance collecting as much information about the target as possible against hiding themselves from detection by the target's defence systems. We assert the role of reconnaissance in web application security attacks and evaluate selected reconnaissance tools on both effectiveness (information gained) and stealth level. We found experimentally that reconnaissance tools employing a botnet (or bot, or zombie)-based model have high performance (high level of stealth and little information loss).

Keywords: web application security; cyber-attack; stealthy reconnaissance; botnet model reconnaissance.

Reference to this paper should be made as follows: Le, H.T., Loh, P. and Lau, C.T. (2016) 'Performance evaluation of cyber reconnaissance tools', Int. J. Information Privacy, Security and Integrity, Vol. 2, No. 3, pp.177–196.

Biographical notes: Ha Thanh Le has been a PhD candidate at the Software Verification and Validation Laboratory, SnT, University of Luxembourg, since 2013.
He received his Master in Engineering from the Nanyang Technological University, Singapore in 2011, and his Master in Information Technology and Computer System Engineering from the Royal Melbourne Institute of Technology in Melbourne, Australia in 2000. His research interests are in automated software security testing and software vulnerability testing.