Module 2: Footprinting



blogging



What Is Footprinting




Footprinting is the process of collecting as much information as possible about a target network,for identifying various ways itrude into an organisation's network system

Footprinting is the first step of an attack on information system; attacker gather publically available information,using which he/she performs social engineering,system and networkk attack,etc .that leads to huge financial loss and loss of business reputation

1.Know Security Posture
Footprinting allows atackers to know theexternal security posture of the target oraganisation

2.Reduce Focus Area
It reduce attackers focus area to specific range of ip adress,networks,domain names,remote access etc.

3.Identify Vulnerability
It allows attacker to identify vulneribilities in the target system in order to select appropriate exploits

4.Draw Network Map
It allows attacker to draws a map or outline the target oraganisation's network infrastructureto know about the actual environment that they are going to break.


Footprinting Methodology


footprinting methodology

1.Footprinting Through Search Engine



Attackers use search engine to extract information about the target such as technology platforms,employee details,login pages,internet portals,etc.Which helps in performing social engineering and other types of advanced system attacks

Search engine cache and internet archives may also provide sensitive information that has been removed from the World Wide web(www)


*Finding Company's Public And Restricted Website



Search for the target comapanys external URL in a search engine such as google,bing,etc.

Restricted URLSs provide an insight into different department and business units in an organisation

You may find companys restricted URLs by trial and error method using a service Such as Netcraft

*Determing The Operaing System



Use SHODAN search engine tht lets you find sepcific computers(routers,servers,etc)
using variety of filters

footprinting SHODAN



*Collect Location Information



Collect the location information of your target oraganisation this will let you know where your target machine is located you can use Google Earth tool to get the Physical Location of the target.\

The following Tools will help you to finding the Geographical location
1.Google Maps
2.Wikimapia
3.Yahoo Maps
4.Bing Maps



*People Search:Social Networking sites/People Search Services

Social networking sites are the great source of personal and orgaizational information.Infromation about an individual can be found at varios people search websites.thet people search returns the following information about a person or orgaizationa.

1.Residential adress and email adresses
2.Contact number and Date Of Birth
3.Photos and social networking profiles
4.Blog URLs


There are also some services which allows you to search people online as following

footprinting People search online





2.Footprinting Using Advanced Google Hacking Techniques.



*Query String


Google hacking refers to create complex search queries in order to extract sensitive or hidden information.

*Google Operators


It uses advanced Gogle search operators locate specific string of text within the search results

*Google supports serval advanced operators that help in modifying the search as follows



google search hacking

*Information Gathering Using Google advance Search



Use Google advance search option to find sites that may link back to the target company's website.
This may eatrach information such as Partners,vendors,clients,and other affiliations for target website
with google advance search option,you can search web more precisely and accurately.


3.Footprinting Through Socail Networking Sites


Collecting Infromation Through social Engineering on Socail Networking Sites



Attackers use social engineering trick to gather sensitive information,from socail networking websites such as facebook,Twitter,etc.

Attackers create fake profilw on social networking site and then use the fake identity to lure the employees to give up their sensitive information

Employees may post personal information such as date of birth,educational and employment backgrounds,spouse names etc.And information about their company such as potential clients and business partners, trade secrets of business,website,company's upcoming news,mergers,acquisitions,etc

Attackers collects information about employees intrests by tracking their group and then trick the employee to reveal more information.

*Information Available on socail Networking Sites



socail engg footprinting


4.Website Footprinting




*Website Footprinting Using Web Spiders



web spiders performs autometed searchers on the target website and collect specified information such as employee names,email adress,etc.

Attackers use the collected information to perform further footprinting and social engineering attacks.



website footprinting

*Mirroing Entire Website



Mirroring an entire website onto the local system enables anatatcker to browse offile;it also assist finding directory structure and other valuable information from the mirrored copy without multiple request to web server.

Web mirroring tools allows you to download a website to a local directory,building recursively all directories,html,images,etc.

mirroring website

*Mirroing Website Tools



website mirroring tools


5.Email Footprinting




*Collecting Information From Email Header



Email Footprinting

*Email Tracing Tools



You can track your inbox email from the following tools (website)
1.Email Tracker
2.Polite Mail

Or you can use following tools too.

email tracking tools


6.Competitive Intelligence




Competitive intelligence gathering is the process of identifying,gathering,analyzing,
verifying,and using infromation about youy competitors from resource such as the Internet

Competitive intelligence is non-interfering and subtle in nature

Competative intelligence

*Competitive Intelligence- When Did this company Begin?How did it Develop?


Competative Intelligence

*Competitive intelligence- What are the company's Plans?



competitive intelligence


7.WHOIS Footprinting




WHOIS database are maintained by Regional Internet Registers and contain the personal infromation of domain owners

WHOIS footprinting

*WHOIS Lookup Tools



WHOIS tools


8.DNS Footprinting




*Extracting DNS Information



Attackers can gather DNS information to determine key hosts in the network and can perform social engineering attack

DNS Footprinting

*DNS Interrogation Tools



DNS tools