For preparation of ethical hacking, foot printing and reconnaissance, you need to know how to get information about the target. By checking out this methodology, you can see whether a company’s websites provide sensitive information or not and manage website details to public. like robots.txt
ㅁSearch engine caches and internet archives like google or archive
ㅁBrowse the current website.
Other than caches or archives of the website, you can also get lot of information by browsing the current website. By using Burp Suite, Zaproxy, Paros Proxy, Website informer, Firebug and etc, you can view header of websites which provides connection status, content-type, accept-ranges, website server in use and version.
You can also use couple of other tools to get website information such as employee nme, email address, etc by setting up automated searches on GSA Email Spider and Web Data Extractor
ㅁPublic and restricted websites by trial and error method or using service like netcraft
You can find general information by checking target’s websites. From websites, you can check the source code by right-clicking or pressing [F12] key. Easily get information like programmers’ comments or contact details and script type.
ㅁMirroring an entire website
Mirroring websites means copying every source code and resources from the target’s web server, and downloading them into your local directory. Once you get the mirrored site, you can easily analyze the website without sending actual or malicious (repetitive) request to an actual target server. HTTrack Web Site Copier, SurfOffline
ㅁGetting the OS information of target. SHODAN, Netcraft
ㅁExtra information like location. Google Map, Wikimapia
ㅁPeople search, SNS sites, blog , email or contact information. AnyWho
ㅁFinancial Service information, Google Finance, Yahoo
ㅁGetting company’s infrastructure details from job search like LinkedIn, Monster and Dice.