./whoami
0 If You want to Hack some one First Hack Your self.
0 I am NOT a Hacker Just Learner as Security analyst.
Information Gathering
0 “If you know the enemy and know yourself you need

not fear the results of a hundred battles”
Session Flow
0 Information Gathering- Definition
0 Initial Info gathering of websites.
0 IP range Lookup
0 DNS information...
Session Flow
0 Info Gathering using blogs & forums.
0 Info Gathering using search Engine
0 Info Gathering using Meta tags ...
What is Information
Gathering?
0 Information gathering is the process of collecting the

information from different places...
Attacker’s Point of View
0 Attacker will first gather information like domain name, IP

address, IP range, operating syste...
Investigator’s Point of View
0 As an investigator information gathering is powerful

tool used in investigation.

0 Invest...
Whois
0 Whois is query to database to get following

information.

1. Owner of website.
2. Email id used to register domai...
Whois

Whois.net has official database of all domains.
Whois
Reverse IP mapping
0 Reverse IP will give number of websites hosted on same

server.
0 If one website is vulnerable on the...
Trace Route
0 Trace route gives useful information regarding number of

servers between your computers & remote computers....
Trace Route
Info. Gathering using Search
Engine
0 Search engines are efficient mediums to get specific

results according to your requ...
Info Gathering Using Search
Engine
0 Maltego is an open source intelligence and forensics

application.

0 It allows for t...
Maltego
Information gathering using
forum/blogs
• Almost 80% internet users use blogs/forums for

knowledge sharing purpose.
• Inf...
Information gathering using
Jobs site
Information Gathering Using Financial
Services
Google Finance

Yahoo Finance
Info Gathering using Google
Maps
Information gathering using SN
Website
People Search
Information gathering using ESpiders
0 Email Spiders are automated soft wares which

captures email ids using spiders & st...
Monitoring Targets Using
Google Alerts
0 Google Alerts is a content monitoring service that

automatically notifies users ...
Google Alerts
Information gathering using
Web Archive
0 Archive.org maintains logs of pages of website.
!! For Regarding any question contact me !!
http://www.maulikkotak.webnode.com
http://www.facebook.com/maulikkotakstar
htt...
Information gathering
Information gathering
Upcoming SlideShare
Loading in...5
×

Information gathering

1,218

Published on

Information gathering is the process of collecting the information from different places about any individual company, organization, server, IP address or person.

Information gathering is the first step of hacking and most of the time of hacker spend his time in this process. 90% of time of a hacker spend in information gathering.

Information gathering plays a very vital role for both investigating and attacking purposes.

Published in: Education, Technology, Design
0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,218
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
35
Comments
0
Likes
3
Embeds 0
No embeds

No notes for slide

Information gathering

  1. 1. ./whoami 0 If You want to Hack some one First Hack Your self. 0 I am NOT a Hacker Just Learner as Security analyst.
  2. 2. Information Gathering 0 “If you know the enemy and know yourself you need not fear the results of a hundred battles”
  3. 3. Session Flow 0 Information Gathering- Definition 0 Initial Info gathering of websites. 0 IP range Lookup 0 DNS information gathering. 0 Web Hosting info gathering. 0 Understanding hosting control Panels. 0 Subdomains. 0 Whois information.
  4. 4. Session Flow 0 Info Gathering using blogs & forums. 0 Info Gathering using search Engine 0 Info Gathering using Meta tags & Words. 0 People Search. 0 Info gathering using job portal websites.
  5. 5. What is Information Gathering? 0 Information gathering is the process of collecting the information from different places about any individual company, organization, server, IP address or person. 0 Information gathering is the first step of hacking and most of the time of hacker spend his time in this process. 90% of time of a hacker spend in information gathering. 0 Information gathering plays a very vital role for both investigating and attacking purposes.
  6. 6. Attacker’s Point of View 0 Attacker will first gather information like domain name, IP address, IP range, operating system, services, control panel, vulnerable services etc and later on exploit it. 0 Attackers use tools and social engineering to gather information. 0 For attacking an individual person he will find his name, address, date of birth, phone no and his personal information and then use that information for attacking that person.
  7. 7. Investigator’s Point of View 0 As an investigator information gathering is powerful tool used in investigation. 0 Investigator will gather information like traces of criminal, name, address, contact no, company information etc before taking any legal action. 0 Investigators use tools and social networking sites to gather information about criminal.
  8. 8. Whois 0 Whois is query to database to get following information. 1. Owner of website. 2. Email id used to register domain. 3. Domain registrar. 4. Domain name server information. 5. Related websites
  9. 9. Whois Whois.net has official database of all domains.
  10. 10. Whois
  11. 11. Reverse IP mapping 0 Reverse IP will give number of websites hosted on same server. 0 If one website is vulnerable on the server then hacker can easily root the server.
  12. 12. Trace Route 0 Trace route gives useful information regarding number of servers between your computers & remote computers. 0 Useful for investigation as well as different attacks. 0 Visualroute, Neotrace.
  13. 13. Trace Route
  14. 14. Info. Gathering using Search Engine 0 Search engines are efficient mediums to get specific results according to your requirements. 0 Google, yahoo, bing etc.. 0 search engine gives best results out of all.
  15. 15. Info Gathering Using Search Engine 0 Maltego is an open source intelligence and forensics application. 0 It allows for the mining and gathering of information as well as the representation of this information in a meaningful way. 0 Coupled with its graphing libraries, Maltego, allows you to identify key relationships between information and identify previously unknown relationships between them.
  16. 16. Maltego
  17. 17. Information gathering using forum/blogs • Almost 80% internet users use blogs/forums for knowledge sharing purpose. • Information gathering from specific blog will also helpful in investigations.
  18. 18. Information gathering using Jobs site
  19. 19. Information Gathering Using Financial Services Google Finance Yahoo Finance
  20. 20. Info Gathering using Google Maps
  21. 21. Information gathering using SN Website
  22. 22. People Search
  23. 23. Information gathering using ESpiders 0 Email Spiders are automated soft wares which captures email ids using spiders & store them on the database. Spammers are using email spiders to collect thousand emails for spamming purposes.
  24. 24. Monitoring Targets Using Google Alerts 0 Google Alerts is a content monitoring service that automatically notifies users when new content from news, web, blogs, video and/or discussion groups matches a set of search terms selected by the & stored by the Google Alerts Service. 0 Google Alerts help in monitoring a developing news story & keeping current on a competitor or industry.
  25. 25. Google Alerts
  26. 26. Information gathering using Web Archive 0 Archive.org maintains logs of pages of website.
  27. 27. !! For Regarding any question contact me !! http://www.maulikkotak.webnode.com http://www.facebook.com/maulikkotakstar http://www.twitter.com/maulikkotakstar
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×