Information gathering
Upcoming SlideShare
Loading in...5
×
 

Like this? Share it with your network

Share

Information gathering

on

  • 879 views

Information gathering is the process of collecting the information from different places about any individual company, organization, server, IP address or person. ...

Information gathering is the process of collecting the information from different places about any individual company, organization, server, IP address or person.

Information gathering is the first step of hacking and most of the time of hacker spend his time in this process. 90% of time of a hacker spend in information gathering.

Information gathering plays a very vital role for both investigating and attacking purposes.

Statistics

Views

Total Views
879
Views on SlideShare
545
Embed Views
334

Actions

Likes
1
Downloads
11
Comments
0

2 Embeds 334

http://maulikkotak.webnode.com 301
http://m.maulikkotak.webnode.com 33

Accessibility

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Information gathering Presentation Transcript

  • 1. ./whoami 0 If You want to Hack some one First Hack Your self. 0 I am NOT a Hacker Just Learner as Security analyst.
  • 2. Information Gathering 0 “If you know the enemy and know yourself you need not fear the results of a hundred battles”
  • 3. Session Flow 0 Information Gathering- Definition 0 Initial Info gathering of websites. 0 IP range Lookup 0 DNS information gathering. 0 Web Hosting info gathering. 0 Understanding hosting control Panels. 0 Subdomains. 0 Whois information.
  • 4. Session Flow 0 Info Gathering using blogs & forums. 0 Info Gathering using search Engine 0 Info Gathering using Meta tags & Words. 0 People Search. 0 Info gathering using job portal websites.
  • 5. What is Information Gathering? 0 Information gathering is the process of collecting the information from different places about any individual company, organization, server, IP address or person. 0 Information gathering is the first step of hacking and most of the time of hacker spend his time in this process. 90% of time of a hacker spend in information gathering. 0 Information gathering plays a very vital role for both investigating and attacking purposes.
  • 6. Attacker’s Point of View 0 Attacker will first gather information like domain name, IP address, IP range, operating system, services, control panel, vulnerable services etc and later on exploit it. 0 Attackers use tools and social engineering to gather information. 0 For attacking an individual person he will find his name, address, date of birth, phone no and his personal information and then use that information for attacking that person.
  • 7. Investigator’s Point of View 0 As an investigator information gathering is powerful tool used in investigation. 0 Investigator will gather information like traces of criminal, name, address, contact no, company information etc before taking any legal action. 0 Investigators use tools and social networking sites to gather information about criminal.
  • 8. Whois 0 Whois is query to database to get following information. 1. Owner of website. 2. Email id used to register domain. 3. Domain registrar. 4. Domain name server information. 5. Related websites
  • 9. Whois Whois.net has official database of all domains.
  • 10. Whois
  • 11. Reverse IP mapping 0 Reverse IP will give number of websites hosted on same server. 0 If one website is vulnerable on the server then hacker can easily root the server.
  • 12. Trace Route 0 Trace route gives useful information regarding number of servers between your computers & remote computers. 0 Useful for investigation as well as different attacks. 0 Visualroute, Neotrace.
  • 13. Trace Route
  • 14. Info. Gathering using Search Engine 0 Search engines are efficient mediums to get specific results according to your requirements. 0 Google, yahoo, bing etc.. 0 search engine gives best results out of all.
  • 15. Info Gathering Using Search Engine 0 Maltego is an open source intelligence and forensics application. 0 It allows for the mining and gathering of information as well as the representation of this information in a meaningful way. 0 Coupled with its graphing libraries, Maltego, allows you to identify key relationships between information and identify previously unknown relationships between them.
  • 16. Maltego
  • 17. Information gathering using forum/blogs • Almost 80% internet users use blogs/forums for knowledge sharing purpose. • Information gathering from specific blog will also helpful in investigations.
  • 18. Information gathering using Jobs site
  • 19. Information Gathering Using Financial Services Google Finance Yahoo Finance
  • 20. Info Gathering using Google Maps
  • 21. Information gathering using SN Website
  • 22. People Search
  • 23. Information gathering using ESpiders 0 Email Spiders are automated soft wares which captures email ids using spiders & store them on the database. Spammers are using email spiders to collect thousand emails for spamming purposes.
  • 24. Monitoring Targets Using Google Alerts 0 Google Alerts is a content monitoring service that automatically notifies users when new content from news, web, blogs, video and/or discussion groups matches a set of search terms selected by the & stored by the Google Alerts Service. 0 Google Alerts help in monitoring a developing news story & keeping current on a competitor or industry.
  • 25. Google Alerts
  • 26. Information gathering using Web Archive 0 Archive.org maintains logs of pages of website.
  • 27. !! For Regarding any question contact me !! http://www.maulikkotak.webnode.com http://www.facebook.com/maulikkotakstar http://www.twitter.com/maulikkotakstar