These slides guide you through the tools and techniques one can use for footprinting websites or people. You will find amazing tools and techniques; have a look.
2. What is Footprinting?
Footprinting is a technique to collect as much information as possible about
the targeted network/system/website for identifying various ways to intrude
into the system.
Types:
1. Passive: Gathering information about the target without direct interaction.
2. Active: Gathering information about the target with direct interaction.
3. Passive Footprinting involves:
Finding information through search engines
Google, Bing, DuckDuckGo, https://www.searchenginecolossus.com/
Finding top-level domains and sub-domains
Sublist3r, DNSdumpster, Netcraft, nmap --script dns-brute www.example.com
Collecting location information through webservices
Google Earth, Google Maps, MapQuest, wikimap, iplogger.org
Gathering infrastructure details of the target organization through job sites.
http://www.careerbuilder.co.in/
Extracting information through internet archives
WayBackMachine, archive.org, foca, Web Data Extractor
Monitoring target using alert services
Changedetection.com, WebSite-Watcher, Google Alerts, Twitter alerts, etc.
Determining the Operating System used by Target
netcraft.com, shodan.io (shodan search book), Censys.io
https://www.defcon.org/images/defcon-18/dc-18-presentations/Schearer/DEFCON-18-Schearer-SHODAN.pdf
4. Continued
Performing people search using social networking sites & people search archives
pipl.com, namecheck.com, Spokeo, BeenVerified, LinkedIn InSpy (TechSpy, EmpSpy), Myspace, Pinterest, etc.
Determining the webserver, cms, webservice used by target organization
Wappalyzer browser extension, WhatCMS, BuiltWith, analysis of HTML code
Finding if target has similar or parallel domains
urlcrazy -p url
Footprinting through advanced Google hacking
Google Dorks, GHDB (https://www.exploit-db.com/google-hacking-database), CVE, exploit-db
Information gathering using Google advanced search or advanced image search
https://www.google.com/advanced_search
https://www.google.com/advanced_image_search
5. Passive Footprinting involves:
Querying published name servers of target
Recursive DNS queries (amplifier attack)
Extract metadata of published documents and files
Gathering website information using web spidering and mirroring tools
Burp Suite, Zaproxy, Firebug, Acunetix, SpiderFoot, Visual SEO
Gathering information through email tracking
email header, eMailTrackerPro, Zendio, ReadNotify
Performing Whois lookup
http://whois.domaintools.com, tamos.com
Extracting DNS information
dnssniffer.com, Nslookup
Performing Traceroute analysis
tracert, pathanalyzer.com, visualroute.com
Performing Social engineering
Eavesdropping (interception), shoulder surfing (observation), dumpster diving (trash inspection, i.e. phone bills)
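Added example (not part of the original slides): the "email header" item above, turned around as a self-audit. This Python sketch parses the headers of a message your own organization sent and reports what any recipient can read from them: internal hostnames, RFC 1918 addresses and mail-client banners. The sample message, hostnames and addresses are constructed for illustration, and the Received-line pattern assumes the common "from HELO (rdns [ip])" layout.

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample message (hostnames and addresses are made up).
SAMPLE = """\
Received: from mail.example.org (mail.example.org [203.0.113.25])
\tby mx.recipient.example (Postfix) with ESMTPS id 4ABCD
\tfor <bob@recipient.example>; Tue, 02 Jan 2024 10:00:05 +0000
Received: from WS-FINANCE-07.corp.example.org (unknown [10.20.30.41])
\tby mail.example.org (Postfix) with ESMTP id 9XYZ1;
\tTue, 02 Jan 2024 10:00:03 +0000
From: alice@example.org
To: bob@recipient.example
Subject: Quarterly report
X-Mailer: ExampleMail 12.3 (Windows)

Body text.
"""

# "from <HELO name> (<reverse DNS> [<ip>])" as written by many MTAs (assumed layout).
HOP = re.compile(r"from\s+(\S+)\s+\((?:(\S+)\s+)?\[([0-9a-fA-F:.]+)\]\)")
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def audit_headers(raw):
    """Return what a recipient can learn from the headers of one message."""
    msg = message_from_string(raw)
    hops = []
    for value in msg.get_all("Received", []):
        m = HOP.search(" ".join(value.split()))  # unfold continuation lines
        if not m:
            continue
        helo, _rdns, ip = m.groups()
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            continue  # not a real address, skip this hop
        hops.append({"helo": helo, "ip": ip,
                     "internal": any(addr in net for net in RFC1918)})
    banners = [f"{k}: {msg[k]}"
               for k in ("X-Mailer", "User-Agent", "X-Originating-IP") if msg[k]]
    return {"hops": hops,
            "internal_leaks": [h for h in hops if h["internal"]],
            "client_software": banners}

if __name__ == "__main__":
    print(audit_headers(SAMPLE))
```

Hops listed under internal_leaks and entries under client_software are candidates for header rewriting or stripping at the outbound mail gateway.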
6. What Users Do | What attacker Gets
Maintain profile | Contact info, location & related info
Connect to friends, chatting | Friends list, friend’s info & related info
Share photos and videos | Identity of family members, Interests
Play games, join groups | Interests
Create events | Activities

What Organizations Do | What attacker Gets
User surveys | Business strategies
Promote products | Product profile
User support | Social Engineering
Recruitment | Platform/technology information
Background check to hire employees | Type of business