Footprinting and Reconnaissance

Footprinting is a part of the reconnaissance (recognition) process, which is used to gather information about a target computer system or network, and it can be both passive and active. Reviewing the company's website is an example of passive footprinting, whereas attempting to gain access to sensitive information through social engineering is an example of active information gathering.

Scanning entails pinging machines, determining network ranges and port scanning individual systems. Footprinting is basically the first step, where a hacker gathers as much information as possible to find ways to intrude into a target system, or at least to decide what types of attack will be most suitable for the target.


There are many types of footprinting:

Whois footprinting

Network footprinting

DNS footprinting

Competitive intelligence

Email footprinting

Website footprinting

Social Engineering

Google Hacking


Whois footprinting

Whois is an important resource that can be used to collect information about a target. It gives information about the:

Domain ID

Domain name

Created On

Last Updated On

Expiration Date

Registrant Name

Registrant Street1

Admin Name

Name Server

IP Addresses

Phone numbers

Network services and applications

Access control mechanisms

Contact addresses

Information about the target's background


These are some of the online services a hacker uses for Whois footprinting to gather the above information:


https://in.godaddy.com/whois

http://whois.domaintools.com/

https://www.whois.com/

https://www.whois.net/

http://www.dnsstuff.com

http://allwhois.org




Footprinting may also require manual research, such as studying the company's web pages for useful information, for example:

  • Company contact names, phone numbers and email addresses
  • Company locations and branches around the world
  • Other companies with which the target company partners or deals
  • News, such as mergers or acquisitions
  • Links to other company-related sites
  • Company privacy policies, which may help identify the types of security mechanisms in place

If you are new to websites, you may be unfamiliar with some of the additional services that registrars offer when you purchase a domain. One service that can be especially confusing is domain privacy protection.

Remember all that personal information you submitted when you started to register your domain? Well all of that goes to the Whois directory — a place where anyone can look up a website and find information about who owns it, what hosting service they use, their address and phone number, and other pertinent facts.

All your personal information can end up right on the web for anyone to see.

But with domain privacy protection, that personal information will be masked and replaced with contact information for the company that is providing the service.

Protecting your personal information with a service like Whois Privacy is essential for individuals who want to stay safe. The service offers the following benefits for website owners.

* Prevent identity or information theft

* Avoid telemarketing and spam

* Stop unsavory characters from getting personal information

* Share only the information you are comfortable with
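To check what a domain's own Whois record exposes, the record can be parsed and its personal contact fields compared against privacy-service markers. The following is an added example, not part of the original article; both sample records are constructed, and the marker word list is an assumption that should be adapted to the wording your registrar uses.

```python
import re

# Constructed Whois output for illustration; not a real registration.
EXPOSED = """\
Domain Name: EXAMPLE.ORG
Registry Domain ID: D0000000-CONSTRUCTED
Creation Date: 2015-03-01T10:00:00Z
Registry Expiry Date: 2026-03-01T10:00:00Z
Registrant Name: Jane Doe
Registrant Street1: 12 Sample Road
Registrant Phone: +1.5555550100
Registrant Email: jane.doe@example.org
Admin Name: Jane Doe
Name Server: NS1.EXAMPLE.NET
"""

# The same domain with a privacy service enabled (also constructed).
MASKED = """\
Domain Name: EXAMPLE.ORG
Registrant Name: REDACTED FOR PRIVACY
Registrant Street1: c/o Privacy Service, PO Box 0000
Registrant Phone: +1.5555550199
Registrant Email: https://registrar.example/contact/example.org
Admin Name: Domain Privacy Proxy
Name Server: NS1.EXAMPLE.NET
"""

# Contact fields that describe a person (role + attribute).
PERSONAL = re.compile(
    r"^(Registrant|Admin|Tech|Billing) "
    r"(Name|Organization|Street\d*|City|Phone|Fax|Email)$", re.I)
# Assumed wording used by privacy/proxy services.
MARKER = re.compile(r"redacted|privacy|proxy|whoisguard|withheld|not disclosed", re.I)


def parse_whois(text):
    """Turn 'Key: value' lines into {key: [values]}, keeping order."""
    record = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and value.strip():
            record.setdefault(key.strip(), []).append(value.strip())
    return record


def masked_roles(record):
    """Roles whose Name/Organization shows a privacy marker; their other
    contact fields then belong to the privacy provider, not the owner."""
    roles = set()
    for key, values in record.items():
        m = PERSONAL.match(key)
        if m and m.group(2).lower() in ("name", "organization"):
            if any(MARKER.search(v) for v in values):
                roles.add(m.group(1).lower())
    return roles


def exposed_fields(record):
    """Personal fields that are published without any masking."""
    masked = masked_roles(record)
    exposed = []
    for key, values in record.items():
        m = PERSONAL.match(key)
        if m and m.group(1).lower() not in masked:
            exposed.extend((key, v) for v in values if not MARKER.search(v))
    return exposed


if __name__ == "__main__":
    for label, raw in (("exposed", EXPOSED), ("masked", MASKED)):
        print(label, exposed_fields(parse_whois(raw)))
```
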


Social Engineering

Social engineering is commonly understood to mean the art of manipulating people into performing actions. Although it is similar to a confidence trick or simple fraud, the term typically applies to trickery or deception for the purpose of information gathering, fraud, or computer system access; in most cases the attacker never comes face-to-face with the victims.


1) Fake Name Generator

Generate a random character with a fake name for games, novels, or alter ego avatars of yourself. Create a new virtual disposable identity instantly. You can go further and tell your friends to call you with the new name from the fake ID name generator.

Where do these identities come from?

Name: Names are generated by randomly pulling a first and a last name out of a database. However, we assure you that these names are randomly generated.

Street address: The house number is a randomly generated number. The generated street address is not valid.

City, state, and postal code: We have compiled a database containing hundreds of thousands of valid city, state, and postal code combinations. One of these combinations is randomly pulled from the database for each identity.

Email address: The generated email address is in the format of Generated Name@Anonymous Email Service.com. The anonymous email services are provided free of charge by the Fake Mail Generator, our temporary email service.

Telephone number: We have compiled a database of valid area codes and prefixes. One of these combinations is randomly pulled from the database, and then a random number of the appropriate length is added to the end to make the phone number the correct length.

Mother's maiden name: A random name is pulled from our database of last names, and listed as the "mother's maiden name".

Birthday: The birthday is a randomly generated date.

This information is completely random, and is extremely unlikely to match the generated name.


http://www.fakenamegenerator.com/


2) 10 Minute Mail

10 minute mail is a free, disposable e-mail service. Your temporary e-mail address will expire after 10 minutes, after which you cannot access it. You can extend the time by 10 minutes. The website you are registering with could be selling your personal information; you never know where your e-mail will be published. An email address with a 10 minute lifespan is the best solution to prevent this.




https://10minutemail.net/

https://10minutemail.com/


3) Disposable email address

This is a free temporary email service. You are given a random email address, or you can choose one you like, and you can use it when registering on new websites or test-driving untrusted services which require an email for login. All emails received by the servers are displayed automatically in your online browser inbox.


https://getnada.com/

4) Receive SMS Online

This is a free service for receiving SMS messages online. It is based on real SIM cards and shows you the exact information received by the modem, with Dynamic Sender ID. On this website you can check whether you receive SMS on different routes, or whether you receive them using the Dynamic Sender ID feature.

How to use?
Select one of the numbers listed on the site and you can see the SMS messages that reach that number within seconds. All messages are shown; nothing is blocked.


https://www.receive-sms-online.info/


5) iplogger

It is a simple and handy web service for IP address logging and collecting statistics for your blog, forum or website. Please make sure that you do not use it for any unlawful reason, that you do not use it to obtain anyone's personal information, and that you do not perform any illegal or illicit activity using its services or information that may be obtained using its services.



https://iplogger.org/


6) Google Dashboard

Google Dashboard lets users of the Internet view and manage personal data collected about them by Google Inc. With an account, Google Dashboard allows users to have a summary view of their Google+, Google location history, Google web history, Google Play apps, YouTube and more. Once logged in, it summarizes data for each product the user uses and provides direct links to the products. The program allows setting preferences for personal account products.

The only information that is shared with Google Dashboard is information generated while one is logged into an account.

All data in Dashboard is considered private unless settings are changed. Google allows the user control of all the information that they provide and allows the data submitted to be purged from each app.


https://myaccount.google.com/dashboard


7) DuckDuckGo

DuckDuckGo is an Internet search engine that emphasizes protecting searchers' privacy and avoiding the filter bubble of personalized search results.


https://duckduckgo.com/


8) Spokeo

People search engine and free white pages finds phone, address, email, and photos. Find people by name, email, address, and phone for free.




https://www.spokeo.com/


9) lullar

This is a search engine for social network profiles. You can enter an email address and the profile will pop up for many of the common social networks.


http://www.lullar.com/


Some popular types of social engineering attacks include:

Phishing : Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and, indirectly, money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication.

Spear phishing: Spear phishing is an email or electronic communications scam targeted towards a specific individual, organization or business. Although often intended to steal data for malicious purposes, cybercriminals may also intend to install malware on a targeted user's computer.

Pretexting: Pretexting is a form of social engineering in which an individual lies to obtain privileged data. A pretext is a false motive. Pretexting often involves a scam where the liar pretends to need information in order to confirm the identity of the person he is talking to.

Scareware: Scareware is malicious computer software designed to trick a user into buying and downloading unnecessary and potentially dangerous software, such as fake antivirus protection.


Competitive intelligence

Competitive intelligence (CI) is the gathering of publicly available information about an enterprise's competitors and the use of that information to gain a business advantage. The goals of competitive intelligence include discerning potential business risks and opportunities and enabling faster reaction to competitors' actions and events.

Publicly-available information, in this context, refers to any information that can be legally obtained, rather than information that the business being investigated offers freely. Sources of publicly available information include -- among a great number of other possibilities -- company directories, legal filings and documentation from government agencies and regulatory bodies.


1) Change Detection

It provides page change monitoring and notification services to internet users worldwide. Anyone can use the service to monitor any website page for changes. Just fill in the form on the site; it will create a change log for the page and alert you by email when it detects a change in the page text.



https://www.changedetection.com/


2) Website Watcher

WebSite-Watcher detects website updates for you and highlights all changes in the text!

Don't waste hours checking websites for updates when WebSite-Watcher can do it automatically for you.

Know what your competitors are doing: WebSite-Watcher scans their websites for you.

Know when a new software version or driver update is released: WebSite-Watcher detects the updates for you.

Stay informed of new postings or answers in discussion forums: WebSite-Watcher will notify you as soon as possible.



http://www.aignes.com/index.htm

Email footprinting

Email is one of our main forms of communication in the business world. Learn why email addresses and company directories are a coveted target for a hacker. Lisa Bock reviews why it is important to limit the exposure of your company's email lists because of spear phishing, spoofing and identity theft risks.

1) Secure email by Streak

SecureGmail encrypts and decrypts emails you send in Gmail. This happens entirely on your machine, and the unencrypted text never reaches Google's servers. This is useful if you don't want anyone but the intended recipient to ever read your email (i.e. companies, governments, etc.).

How secure is it?

SecureGmail uses symmetric encryption to encrypt and decrypt each message. The password is decided by the user, and the tool assumes the recipient already knows it. SecureGmail is only as good as your password: pick an easy-to-guess password and it will be easy to break. Shared knowledge can be a useful and convenient password. Remember to never email or IM your password for others to intercept.


  • 1. SecureGmail - send encrypted email.
  • 2. Enter "Secure" compose mode. Entering secure mode is easy; it's right next to the compose button.
  • 3. Easy security. Encrypting your messages is simple; you just need to enter a password that your recipient will know.



https://www.streak.com/securegmail


2) boomerang email

Send an email later

With Boomerang, you can write an email now and schedule it to be sent automatically at the perfect time. Just write the messages as you normally would, then click the Send Later button. Use our handy calendar picker or our text box that understands language like "next Monday" to tell Boomerang when to send your message. We will take it from there.





https://www.boomeranggmail.com/


3) ReadNotify

ReadNotify is the original tracking service of its kind, and remains the most powerful and reliable email and document tracking service in the world today. In short, ReadNotify tells you when your tracked emails and documents are opened, re-opened or forwarded, and much more.

About ReadNotify: http://www.readnotify.com/readnotify/about.asp



http://www.readnotify.com/readnotify/join.asp


4) Online EMailTracer

EmailTracer is a tool to track an email sender's identity. It analyzes the email header and gives the complete details of the sender, such as the IP address (which is the key point for finding the culprit), the route followed by the mail, the mail server, details of the service provider, etc. EmailTracer traces up to Internet Service Provider level only. Further tracing can be done with the help of the ISP and law enforcement agencies. The message-id will be useful for analyzing the mail logs at the ISP.

  • 1. Open the message in your Gmail inbox.
  • 2. Click the down-arrow in the top-right corner of the message.
  • 3. Click the "Show original" link toward the bottom of the options box. The message will open in a separate window with the full message headers at the top.
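The header analysis such a tracer performs can be reproduced on a saved "Show original" text: read the `Received` headers from bottom to top, pull out each relay and its recorded IP, and keep the Message-ID for the ISP's mail logs. This is an added example, not EmailTracer's own code; the message is constructed with reserved example hosts and addresses. Only `Received` lines added by servers you trust are reliable, since anything below them can be forged by the sender.

```python
import re
from email import message_from_string
from email.utils import parsedate_to_datetime
from ipaddress import ip_address, ip_network

# Constructed message; hosts and addresses come from reserved example ranges.
RAW = """\
Received: from mx.recipient.example (mx.recipient.example [198.51.100.20])
\tby mailstore.recipient.example with ESMTP id c3;
\tTue, 05 Mar 2019 10:15:09 +0000
Received: from smtp.sender.example (smtp.sender.example [203.0.113.45])
\tby mx.recipient.example with ESMTPS id b2;
\tTue, 05 Mar 2019 10:15:07 +0000
Received: from laptop (unknown [192.168.1.23])
\tby smtp.sender.example with ESMTPSA id a1;
\tTue, 05 Mar 2019 10:15:05 +0000
Message-ID: <constructed-0001@sender.example>
From: Alice <alice@sender.example>
To: Bob <bob@recipient.example>
Subject: Quarterly report

Body text.
"""

RFC1918 = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_hop(header):
    """Split one Received header into from / by / ip / time."""
    text = " ".join(header.split())              # unfold continuation lines
    src = re.search(r"\bfrom\s+(\S+)", text)
    dst = re.search(r"\bby\s+(\S+)", text)
    ip = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", text)
    try:                                         # timestamp follows the last ';'
        when = parsedate_to_datetime(text.rsplit(";", 1)[-1].strip())
    except (TypeError, ValueError):
        when = None
    return {"from": src.group(1) if src else None,
            "by": dst.group(1) if dst else None,
            "ip": ip.group(1) if ip else None,
            "time": when}


def is_public(ip):
    """True for a syntactically valid address outside the RFC 1918 ranges."""
    try:
        return not any(ip_address(ip) in net for net in RFC1918)
    except ValueError:
        return False


def trace(raw):
    msg = message_from_string(raw)
    # Every server prepends its own header, so reverse to read origin -> inbox.
    hops = [parse_hop(h) for h in reversed(msg.get_all("Received", []))]
    public = [h["ip"] for h in hops if h["ip"] and is_public(h["ip"])]
    times = [h["time"] for h in hops if h["time"]]
    return {
        "hops": hops,
        "origin_ip": public[0] if public else None,   # first routable address
        "message_id": msg["Message-ID"],
        "transit_seconds": (times[-1] - times[0]).total_seconds() if times else None,
    }


if __name__ == "__main__":
    result = trace(RAW)
    for hop in result["hops"]:
        print(hop["time"], hop["from"], "->", hop["by"], hop["ip"])
    print("origin:", result["origin_ip"], "id:", result["message_id"])
```
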




Footprinting tools for email tracking:

VisualRoute Mail Tracker – It shows the number of hops made and the respective IP addresses, the node name, location, time zone and network.

eMail Tracker Pro – An email analysis tool that enables analysis of an email and its headers automatically, and provides graphical results.

Read Notify - http://www.readnotify.com

E-Mail Spiders - also used for footprinting

GEO Spider – It helps you detect, identify and monitor your network activity on a world map.

Geowhere - It handles many popular newsgroups to find answers to your queries in an easy and fast manner.

Google Earth – It provides a planet's worth of imagery and other geographic information.

Webferret – It searches the web quickly and thoroughly by instantly submitting the search query to multiple search engines.


List of Search Engines as Footprinting Tools

Kartoo – http://www.kartoo.com

Dogpile – http://www.dogpile.com (Meta Search Engine)


Website Footprinting

Just by visiting the target's website, a hacker can collect a great amount of information, such as email addresses, partners, client lists, physical addresses of offices, HR openings, etc.

The website can be further analyzed for error pages. Errors can appear if you put invalid data in search boxes or contact forms. Errors can reveal details about the website's content management system software, its version, the scripting language and the type of server used (Linux or Windows, etc.).


1) Archive.org

1. Content management system and framework

2. Script and platform of the website and webserver

3. Web crawling

4. Extract meta data and contact details from website

5. Website and web page monitoring and analyzer


It is an online tool used for visiting archived versions of any website.

Archive.org has a search option called the Wayback Machine, which is like a time machine for any website. It contains information about a website from the past to the present, including its layout and content. In simple words, it contains the history of any website.



https://web.archive.org/


2) Built With

Build lists of websites from our database of web technologies and over a quarter of a billion websites showing which sites use shopping carts, analytics, hosting and many more. Filter by location, traffic, vertical and more.

BuiltWith is a web site profiler tool. Upon looking up a page, BuiltWith returns all the technologies it can find on the page. BuiltWith’s goal is to help developers, researchers and designers find out what technologies pages are using which may help them to decide what technologies to implement themselves.



https://builtwith.com/





3) Web crawling

Web-crawling utilities, such as HTTrack website Copier, can mirror your website by downloading every publicly accessible file from it. You can then inspect that copy of the website offline, digging into the following:

  • The website layout and configuration
  • Directories and files that might not otherwise be obvious or readily accessible
  • The HTML and script source code of web pages
  • Comment fields

Comment fields often contain useful information such as names and e-mail addresses of the developers and internal IT personnel, server names, software versions, internal IP addressing schemes, and general comments about how the code works.
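Because comment fields leak exactly these details, a site owner can scan pages for them before publishing. The following is an added example, not part of the original article: it walks HTML comments with Python's standard `html.parser` and flags e-mail addresses, RFC 1918 addresses, internal host names and product versions. The sample page is constructed, and the internal host suffixes (`.internal`, `.local`, `.corp`, `.lan`) are assumptions to replace with your own naming scheme.

```python
import re
from html.parser import HTMLParser

# Constructed sample page; names and addresses are illustrative only.
PAGE = """\
<html>
<!-- TODO(raj@corp.example): remove debug before launch -->
<head><title>Shop</title></head>
<body>
<!-- backend: app01.internal at 10.20.30.40, running Tomcat 8.5.23 -->
<p>Contact sales@example.com</p>
<!-- layout: two-column -->
</body>
</html>
"""

# What to look for inside comments, checked in this order.
PATTERNS = {
    "email": re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"),
    "internal_ip": re.compile(
        r"\b(?:10\.\d{1,3}|172\.(?:1[6-9]|2\d|3[01])|192\.168)"
        r"\.\d{1,3}\.\d{1,3}\b"),
    # Assumed internal naming suffixes; adjust to the organisation's scheme.
    "internal_host": re.compile(
        r"\b[\w-]+(?:\.[\w-]+)*\.(?:internal|local|corp|lan)\b"),
    # "Product 1.2[.3]"; the lookahead stops dotted IPs matching as versions.
    "version": re.compile(
        r"\b[A-Za-z][\w-]+[ /]v?\d+\.\d+(?:\.\d+)?\b(?!\.\d)"),
}


class CommentAuditor(HTMLParser):
    """Collects (line, category, text) for sensitive strings in comments."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_comment(self, data):
        line, _ = self.getpos()          # line where the comment starts
        for category, pattern in PATTERNS.items():
            for match in pattern.finditer(data):
                self.findings.append((line, category, match.group(0)))


def audit_html(html):
    auditor = CommentAuditor()
    auditor.feed(html)
    auditor.close()
    return auditor.findings


if __name__ == "__main__":
    for line, category, text in audit_html(PAGE):
        print(f"line {line}: {category}: {text}")
```

Visible page text such as the sales address is deliberately ignored; only comments, which visitors never need, are reported.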

HTTrack

It is a free and open source Web crawler and offline browser. It allows you to download a World Wide Web site from the Internet to a local directory, building recursively all directories, getting HTML, images, and other files from the server to your computer.




https://www.httrack.com/page/2/en/index.html


4) Web Data Extractor

Web Data Extractor Pro is a web scraping tool specifically designed for mass-gathering of various data types. It can harvest URLs, phone and fax numbers, email addresses, as well as meta tag information and body text. A special feature of WDE Pro is custom extraction of structured data.

This high-speed, multithreaded program works by submitting a keyword to search engines, by spidering a website, or by reading a list of URLs from a file. You can also allow it to follow external links from the original pages, with the capability to go as deep into the URL paths as you need and actually search the entire Internet.



http://www.webextractor.com/


DNS Footprinting

DNS (Domain Name System) record lookups can reveal information such as the MX entry, which indicates where and which email application services are being used. This information can be used later to exploit mail services and email accounts.

An attacker performs DNS footprinting in order to enumerate DNS record details and types of servers. There are many types of DNS record which provide important information related to the target location.

  • 1. A/AAAA
  • 2. SRV
  • 3. NS
  • 4. TXT
  • 5. MX
  • 6. CNAME
  • 7. SOA
  • 8. RP
  • 9. PTR
  • 10. HINFO
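From the defender's side, the same record types can be reviewed in your own public zone before an outsider enumerates them. The following is an added example, not part of the original article: it parses a constructed zone listing and flags records that disclose more than name resolution requires. The rules (HINFO, RP, RFC 1918 addresses in A records, free-form TXT) are an illustrative assumption, not a complete policy.

```python
from ipaddress import ip_address, ip_network

# Constructed zone data in "name TTL IN TYPE rdata" form.
ZONE = """\
; public zone for example.org (constructed)
example.org.          3600 IN SOA   ns1.example.org. hostmaster.example.org. 2024010101 7200 900 1209600 300
example.org.          3600 IN NS    ns1.example.org.
example.org.          3600 IN MX    10 mail.example.org.
www.example.org.      3600 IN A     203.0.113.10
intranet.example.org. 3600 IN A     10.1.2.3
db01.example.org.     3600 IN HINFO "Intel Xeon" "Ubuntu 16.04"
example.org.          3600 IN RP    j.smith.example.org. .
example.org.          3600 IN TXT   "v=spf1 mx -all"
example.org.          3600 IN TXT   "managed by IT helpdesk, Windows Server 2012"
"""

RFC1918 = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Record types that disclose details by their very purpose.
ALWAYS_FLAG = {
    "HINFO": "publishes host hardware and operating system",
    "RP": "publishes the responsible person's mailbox",
}
# TXT payloads with a defined machine-readable purpose are left alone.
STRUCTURED_TXT = ("v=spf1", "v=dmarc1", "v=dkim1")


def parse_zone(text):
    """Return (name, type, rdata) for each simple one-line IN record."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue
        parts = line.split(None, 4)
        if len(parts) == 5 and parts[2].upper() == "IN":
            records.append((parts[0], parts[3].upper(), parts[4]))
    return records


def is_rfc1918(value):
    try:
        return any(ip_address(value) in net for net in RFC1918)
    except ValueError:
        return False


def audit_zone(text):
    findings = []
    for name, rtype, rdata in parse_zone(text):
        if rtype in ALWAYS_FLAG:
            findings.append((name, rtype, ALWAYS_FLAG[rtype]))
        elif rtype == "A" and is_rfc1918(rdata):
            findings.append((name, rtype, "internal address in a public zone"))
        elif rtype == "TXT" and not rdata.strip('"').lower().startswith(STRUCTURED_TXT):
            findings.append((name, rtype, "free-form text; review what it discloses"))
    return findings


if __name__ == "__main__":
    for name, rtype, reason in audit_zone(ZONE):
        print(f"{name:24} {rtype:6} {reason}")
```
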


1) Domain Dossier

It is an online tool used for complete DNS footprinting as well as Whois footprinting.

There are many online tools for DNS footprinting. Using Domain Dossier, we will check the DNS records of penetstlab.in: select the check boxes for DNS records and traceroute, and then click Go.


https://centralops.net/co/domaindossier.aspx


2) You get signal

It is also an online tool used for DNS footprinting as well as for network footprinting.

A reverse IP domain check takes a domain name or IP address pointing to a web server and searches for other sites known to be hosted on that same web server. Data is gathered from search engine results, which are not guaranteed to be complete.


https://www.yougetsignal.com/tools/web-sites-on-web-server/


3) DNS Dumpster

It is a free domain research tool that can discover hosts related to a domain. Enumerate a domain and pull back up to 40K subdomains; results are available in an XLS file for easy reference.


https://dnsdumpster.com/


4) Pathanalyzer

Path Analyzer Pro delivers advanced network route-tracing with performance tests, DNS, whois, and network resolution to investigate network issues. By integrating all these powerful features into one simple



About Author

Akash is a co-founder and an aspiring entrepreneur who keeps a close eye on open source, tech giants, and security. Get in touch with him by sending an email (akashchugh1994@gmail.com).






Reader Comments [16]

Christian

Hello!
I came to know your website through Facebook, I find it useful for ethical hacking tricks.
Keep up, I'm very interested and satisfied by all your posts.

best regards!

28-Mar-2019


Garage Door Service

Please let me know if you're looking for a article writer for your blog.
You have some really great articles and I believe I would be a
good asset. If you ever want to take some of the load off, I'd love to write some content
for your blog in exchange for a link back to mine. Please blast me an email if interested.
Thank you!

26-Jul-2019


hendersonville nc real estate

I used to be recommended this blog by my cousin. I'm not certain whether this put up is written by him as no one else recognize such targeted about my
trouble. You are amazing! Thank you!

03-Aug-2019


solid seo vps review

Hey there! Would you mind if I share your blog with my facebook group?
There's a lot of people that I think would really enjoy your content.
Please let me know. Thank you

06-Aug-2019


Lee

Reg. Each are good, but one's extra convenient.

15-Aug-2019


nike epic react flyknit

I simply desired to say thanks again. I am not sure the things I would've used in the absence of the aspects contributed by you about that theme. It absolutely was a real challenging situation in my circumstances, nevertheless being able to view the very specialized style you dealt with it took me to weep with fulfillment. Now i am grateful for this advice and in addition trust you realize what a great job that you are getting into teaching many others using your website. I know that you've never encountered any of us.

29-Aug-2019


Roma

It's very trouble-free to find out any matter on net as compared to books, as I found this post at this web
site.

25-Nov-2019


Cathryn

When someone writes an article he/she keeps the plan of a user in his/her mind that how a
user can be aware of it. Thus that's why this post is outstanding.
Thanks!

03-Mar-2020


Danae

I am sure this piece of writing has touched all the internet visitors,
its really really nice paragraph on building up new blog.

04-Mar-2020


tatami

Hi there to every one, the contents existing at this website are really awesome for people
experience, well, keep up the nice work fellows.

04-Mar-2020


Alina

Highly descriptive article, I enjoyed that a lot. Will there be a part 2?

05-Mar-2020


meja kerja

I don't even know the way I ended up here, however I assumed this submit used to
be great. I don't recognize who you are but certainly you're going to
a famous blogger when you aren't already. Cheers!

05-Mar-2020


gaple uang asli

Wo ai leandro tokarevski art!

05-Mar-2020


line

As the admin of this site is working, no question very
rapidly it will be well-known, due to its quality contents.

06-Mar-2020


Maurice

whoah this blog is fantastic i really like reading your posts.

Stay up the good work! You recognize, many people are looking around for
this info, you can aid them greatly.

07-Mar-2020


AGL immo

Thanks very interesting blog!

14-Mar-2020



Who Should Read TechTrick?

All the tricks and tips that TechTrick provides are only for educational purposes. If you choose to use the information in TechTrick to break into computer systems maliciously and without authorization, you are on your own. Neither I (TechTrick Admin) nor anyone else associated with TechTrick shall be liable. We are not responsible for any issues caused by the information provided here. So, try yourself and see the results. You are not losing anything by trying... We are humans, mistakes are quite natural. Here on TechTrick we also have many mistakes.