Footprinting | Information-Gathering Methodology



Footprinting is defined as the process of creating a blueprint or map of an organization's network and systems. Information gathering is also known as footprinting an organization. Footprinting begins by determining the target system, application, or physical location of the target. Once this information is known, specific information about the organization is gathered using nonintrusive methods. For example, the organization's own web page may provide a personnel directory or a list of employee bios, which may prove useful if the hacker needs to use a social-engineering attack to reach the objective.
The information the hacker is looking for during the footprinting phase is anything that gives clues as to the network architecture, server, and application types where valuable data is stored. Before an attack or exploit can be launched, the operating system and version as well as application types must be uncovered so the most effective attack can be launched against the target. Here are some of the pieces of information to be gathered about a target during footprinting:
  • Domain name
  • Network blocks
  • Network services and applications
  • System architecture
  • Intrusion detection system
  • Authentication mechanisms
  • Specific IP addresses
  • Access control mechanisms
  • Phone numbers
  • Contact addresses
Once this information is compiled, it can give a hacker better insight into the organization, where valuable information is stored, and how it can be accessed.

Footprinting Tools

Footprinting can be done using hacking tools, either applications or websites, which allow the hacker to locate information passively. By using these footprinting tools, a hacker can gain some basic information on, or "footprint," the target. By first footprinting the target, a hacker can eliminate tools that will not work against the target systems or network. For example, if a graphics design firm uses all Macintosh computers, then all hacking software that targets Windows systems can be eliminated. Footprinting not only speeds up the hacking process by eliminating certain toolsets but also minimizes the chance of detection as fewer hacking attempts can be made by using the right tool for the job.
For the exercises, you will perform reconnaissance and information gathering on a target company. I recommend you use your own organization, but because these tools are passive, any organization name can be used.
Some of the common tools used for footprinting and information gathering are as follows:
  • Domain name lookup
  • Whois
  • NSlookup
  • Sam Spade
Before we discuss these tools, keep in mind that open source information can also yield a wealth of information about a target, such as phone numbers and addresses. Performing Whois requests, searching domain name system (DNS) tables, and using other lookup web tools are forms of open source footprinting. Most of this information is fairly easy to get and legal to obtain.

Footprinting a Target

Footprinting is part of the preparatory preattack phase and involves accumulating data regarding a target's environment and architecture, usually for the purpose of finding ways to intrude into that environment. Footprinting can reveal system vulnerabilities and identify the ease with which they can be exploited. This is the easiest way for hackers to gather information about computer systems and the companies they belong to. The purpose of this preparatory phase is to learn as much as you can about a system, its remote access capabilities, its ports and services, and any specific aspects of its security.

6 comments:

  1. This is nice information. Special thanks for it.You can also read: Ethical Hacking

    ReplyDelete
    Replies
    1. Ceh: Certified Ethical Hacker: Footprinting >>>>> Download Now

      >>>>> Download Full

      Ceh: Certified Ethical Hacker: Footprinting >>>>> Download LINK

      >>>>> Download Now

      Ceh: Certified Ethical Hacker: Footprinting >>>>> Download Full

      >>>>> Download LINK TQ

      Delete
  2. I can't believe I can earn money weekly from trading , this is amazing , and all this is from the effort of a company called skylink technology whom I met online and help me out in trading and gave me good tips about trading physiology... indeed skylink technology is a bitcoin/binary forex experts and company and I won't stop thanking them and sharing my testimony until am fully satisfied...... Interested traders should  free free to contact mail: skylinktechnes@yahoo.com  or  whatsapp/telegram: +1(213)785-1553 

    ReplyDelete
  3. Hello Everyone !

    USA SSN Leads/Fullz available, along with Driving License/ID Number with good connectivity.

    All SSN's are Tested & Verified.

    **DETAILS IN LEADS/FULLZ**

    ->FULL NAME
    ->SSN
    ->DATE OF BIRTH
    ->DRIVING LICENSE NUMBER
    ->ADDRESS WITH ZIP
    ->PHONE NUMBER, EMAIL
    ->EMPLOYEE DETAILS

    *Price for SSN lead $2
    *You can ask for sample before any deal
    *If you buy in bulk, will give you discount
    *Sampling is just for serious buyers

    ->Hope for the long term business
    ->You can buy for your specific states too

    **Contact 24/7**

    Whatsapp > +923172721122

    Email > leads.sellers1212@gmail.com

    Telegram > @leadsupplier

    ICQ > 752822040

    ReplyDelete
  4. GET RICH WITH THE USE OF BLANK ATM CARD FROM
    (besthackersworld58@gmail.com)
    Has anyone here heard about blank ATM card? An ATM card that allows you to withdraw cash from any Atm machine in the world. No name required, no address required and no bank account required. The Atm card is already programmed to dispense cash from any Atm machine worldwide. I heard about this Atm card online but at first i didn't pay attention to it because everything seems too good to be true, but i was convinced & shocked when my friend at my place of work got the card from guarantee Atm card vendor. We both went to the ATM machine center and confirmed it really works, without delay i gave it a go. Ever since then I’ve been withdrawing $1,500 to $5000 daily from the blank ATM card & this card has really changed my life financially. I just bought an expensive car and am planning to get a house. For those interested in making quick money should contact them on: Email address : besthackersworld58@gmail.com or WhatsApp him on +1(323)-723-2568

    ReplyDelete

Popular Posts