Automated processes or bots may be used to perform reconnaissance by enumerating resources such as APIs, file systems, or directories. These activities can reveal potential vulnerabilities, misconfigurations, or unsecured resources, which might result in unauthorized access or data exposure.