Before you try to perform penetration test on a company, you need to perform OSINT or open source intelligence on the company’s in scope assets. This is a method that allows you to find a lot information on your target. Here are a couple of websites that allows you to find information on your target.

• Maltego
• Mitaka
• SpiderFoot
• Spyse
• BuiltWith
• Intelligence X
• DarkSearch.io
• Grep.app
• Recon-ng
• theHarvester
• Shodan
• Metagoofil
• Searchcode
• SpiderFoot
• Babel X
• censys search
• Shodan

Things you will be looking for during OSINT are common used passwords in data breaches, usernames, emails and anything that could help you gaining a foothold into the company during your penetration testing.

For extra information I will provide few links to provide more information:

https://osintframework.com/
https://www.youtube.com/watch?v=qwA6MmbeGNo
https://www.youtube.com/watch?v=ZUZG1zaaKY4