Get Started. It's Free
or sign up with your email address

1. Footprinting

1.1. Footprinting (also known as reconnaissance) is the technique used for gathering information about computer systems and the entities they belong to. To get this information, a hacker might use various tools and technologies. This information is very useful to a hacker who is trying to crack a whole system.

2. Footprinting Terminologies

2.1. - Open Source or Passive Information Gathering: Collect information about a target from the publicly accessible source

2.2. - Active Information Gathering: Gather information through social engineering on-site visits, interviews, and questionnaires

2.3. - Anonymous Footprinting: Gather information from sources where the author of the information cannot be identified or traced

2.4. - Pseudonymous Footprinting: Collect information that might be published under a different name in an attempt to preserve privacy

2.5. - Organizational or Private Footprinting: Collect information from an organization´s web-based calendar and email services

2.6. - Internet Footprinting: Collect information about a target from the Internet

3. Objectives of Footprinting

3.1. Collect Network Information

3.1.1. The network information can be gathered by performing a Whois database analysis, trace routing, etc. includes: • Domain name • Internal domain names • Network blocks • IP addresses of the reachable systems • Rogue websites/private websites • TCP and UDP services running • Access control mechanisms and ACLs • Networking protocols • VPN points • ACLs • IDSes running • Analog/digital telephone numbers • Authentication mechanisms • System enumeration

3.2. Collect System Information

3.2.1. • User and group names • System banners • Routing tables • SNMP information • System architecture • Remote system type • System names • Passwords

3.3. Collect Organization’s Information

3.3.1. • Employee details • Organization's website • Company directory • Location details • Address and phone numbers • Comments in HTML source code • Security policies implemented • Web server links relevant to the organization • Background of the organization • News articles/press releases

4. Footprinting Threats

4.1. - Business loss - Corporate espionage - Privacy loss - Social dngineering - System and network attacks - Information leakage

5. Footprinting Methodology

6. Footprint using Google Hacking Techniques.

6.1. Site Mapping To find every web page Google has crawled for a specific site, use the site: operator. Consider the following query: site: microsoft This query searches for the word microsoft, restricting the search to the web site.

6.2. Finding Directory Listings Directory listings provide a list of files and directories in a browser window instead of the typical text-and graphics mix generally associated with web pages

6.3. Versioning: Obtaining the Web Server Software/Version The exact version of the web server software running on a server is one piece of information an attacker needs before launching a successful attack against that web server. If an attacker connects directly to that web server, the HTTP (web) headers from that server can provide this essential information.

7. Google advanced search operators

7.1. “Search Term” This operator searches for the exact phrase within speech marks only.

7.2. site: This searches only within a given domain – delectable when you want to only search within the confines of a particular site.

7.3. link: Use this operator to find links to a domain.

7.4. source: This is one that only works in Google News search