top of page

Footprinting – Information Gathering Techniques

 

Footprinting is an ethical hacking process of gathering information about the target and its environment as well depends upon user. This is a pre-attack stage and maximum efforts are deployed to ensure that the operations conducted are executed under stealth information and target can’t trace back you again. In the footpriting process several information gathering techniques and tools are used for secret info some.

A hacker can use several freely available resources to gather maximum information passively and actively. In this process no direct contact is made with the target attack. The information gathered through footprinting is crucial for later steps/attacks to be enhanced. 

 

Footprinting – List of Information Gathering Techniques

 

There are many techniques and tools used in footprinting attack. There is no predefined sequence of task in footprinting. You have to gather the maximum possible all information therefore you use following sources to be well.

 

Websites Footprinting: Just by visiting the target’s website you can collect great amount of information about them such as their email addresses, partners, client’s list, physical addresses of their offices and HR openings etc.

 

Website can be further analyzed for error pages well done. Errors can appear if you put invalid data in search box or contact form gather. Errors can reveal details about website content management system software, its version, scripting and type of server used – linux or windows etc depends upon attack.

 

Whois Database Lookup: Whois lookup is an important step in information gathering process define. Whois lookup against any website can reveal information about computer servers on which website is hosted & its location. Whois lookup also displays name, address and contact numbers of technical staff, domain owner and domain registrar all personal inforamtion to be website creation date and modification date etc.

 

WHOIS Lookup Websites:

 

 

 

 

 

Search Engines Hacking: Marking a search query against your target in search engines like (Google, Yahoo & Bing etc.) can also reveal great amount of information if used properly well work for us for our target. Google Advance search or Google Hacking can help to locate more detailed information like company policies, employee’s details & online hidden pages etc well defined on google.

 

Company’s details and reviews can be found at different blogs, website, reviews portal, forums etc.

Google Search Command: site:facebook.com “maulik kotak” + “hacking”

The above Google search query target facebook.com for all the persons having name Maulik Kotak and talking about “Hacking” all term defined.

 


 

Similar Domain Search: If example.com is your target’s website then you can look at example.in, example.net, example.org for a worldwide variety sources to be enhanced achieve. Further, looking for in.document.com, uk.document.com (country basis) or en.document.com (language basis) can reveal more useful information to be targeted.

 

Same company may have different works at different countries and may be presenting different information in different languages. Similar domain search is important information from all different aspects and dimensions data.

 

Negative Website Search: Negative website search against targets website can reveal some websites that gives insight into the problems which exist inside the organization information. Suppose, your target is example.com then you may find example-company-sucks.com well done i think you undestand.

 

Paypal.com is a payment gateway website/company that helps to buy/sell stuff online you know about that and facilitate money transaction across borders worldwide all area. But below is the image of website that tells different story you know.

 

 

 

Social & Business Networking Websites: If you want to more detailed information about a company or person then you must take a look at websites like linkedin.com, Google+ and similar website to be geniune information. They can reveal some detailed business information and their professional connections to be see there.

 

Facebook website may have fake profiles/pages and non-official groups about a company you know about well. FB may not have trusted information about a company or person but sites like linkedin.com which is a professional social networking website usually all have trusted information and frequently updated profiles and pages with insight information and great detailed about any user or company.

 

Top Social Professional Websites: https://www.linkedin.com

 

 

People search/look-up websites may also prove helpful well defined.

 

Classified/Job Websites: If you want to really know what a company’s offers and stuff and services the company sells then you must search information about the company at different classified sites well defined. You’ll find some real working contact address and insight information about your target.

 

Classified/Job sites may reveal some HR openings that may have information about the software and technologies that the target company uses data. As they are looking for employees those work with the same technology they use, they generally reveal great information here to be achieve our goal.

 

Some Websites to Try:

 

 

Internet History – Achieve Pages : Footprinting also includes looking for information that was deleted from the website after long time. Internet way-back machine can help you to find pages that are now history.

 

Archive.org is a website established in 1996 which manages to achieve webpages of almost all websites data.

 

Information or pages deleted from a website may have some ex-employees information for your useful data. These ex-employees can be called and may reveal some great information about their ex-company and work for out goal reach by archive.org website.

 

Website: https://archive.org/

 

 


 

DNS Footprinting – MX Entry: DNS (domain name system) like records look can reveal great amount of information including MX entry which indicates where to be assigned and which email application or services are being used. This information can be used later to exploit mail services and accounts to be used to identify.

 

DNS Lookup Websites

 

 

Trace Route: tracert is a command that can used in both linux and windows which is used to trace path between a user and target system machines well. Some websites also facilitate tracert/trace-routing.

 

website: https://who.is/tools/

 

Finally, well done Footprinting includes some great techniques to gather information passively to be defined on anywhere. It is legal as long as you don’t misuse the collected information form source. These steps and techniques are very simple and any no-technical person can enjoy this but mind that it’s also very effective quick.

 

Footprinting is vital for all the hacking or information gathering steps you perform next to be attack.

 

 

"Connect" and Feel Free with Cyber Defence Group for WhiteHat Hacking  because we believe in Security.

  • Facebook App Icon
  • Twitter App Icon
  • Google+ App Icon
  • LinkedIn App Icon
  • Pinterest App Icon
bottom of page