Footprinting methodology details

For preparation of ethical hacking, foot printing and reconnaissance,  you need to know how to get information about the target. By checking out this methodology, you can see whether a company’s websites provide sensitive information or not and manage website details to public. like robots.txt

Search engine caches and internet archives like google or archive 
Browse the current website.
Other than caches or archives of the website, you can also get lot of information by browsing the current website. By using Burp Suite, Zaproxy, Paros Proxy, Website informer, Firebug and etc, you can view header of websites which provides connection status, content-type, accept-ranges, website server in use and version.

You can also use couple of other tools to get website information such as employee nme, email address, etc by setting up automated searches on GSA Email Spider and Web Data Extractor

 

Public and restricted websites by trial and error method or using service like netcraft 
You can find general information by checking target’s websites. From websites, you can check the source code by right-clicking or pressing [F12] key. Easily get information like programmers’ comments or contact details and script type.

 

Mirroring an entire website
Mirroring websites means copying every source code and resources from the target’s web server, and downloading them into your local directory. Once you get the mirrored site, you can easily analyze the website without sending actual or malicious (repetitive) request to an actual target server. HTTrack Web Site Copier, SurfOffline

 

ㅁGetting the OS information of target. SHODAN, Netcraft
ㅁExtra information like location. Google Map, Wikimapia
ㅁPeople search, SNS sites, blog , email or contact information. AnyWho
ㅁFinancial Service information, Google Finance, Yahoo
ㅁGetting company’s infrastructure details from job search like LinkedIn, Monster and Dice.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s