Sunday, 11 January 2015


Ethical hacking techniques::information gathering

This portion of hacking emphasize on act of gathering the information so that we can trace  the footprint which is left behind the suspect.

There are many technique,several tools,including public sources that can help to gather information about your target network. Some technique and tools are given below.

whois has official database of all domains and it is a query to database to  get following information.
*Owner of website.
*Email id used to register domain.
*Domain name server information.
*Domain register.
*Related website.


Nslookup is program to query domain name servers of website.
MX record also reveals IP address of mail server.

Reverse IP mapping
  • Reverse IP will give number of websites hosted on same server.
  • If one website is vulnerable on the server then hacker can easily root the server.

DNS Information

Trace Route
  Path Analyzer pro.Find out IP addresses
 Troubleshoot Network availability & Performance.
 Locate firewalls & Routers which impacts connection.
 Find out MX records.
 Trace actual applications.
 Generate & Print Reports.
 Also able to perform continuous checks.

Info. Gathering using search engine

 Search engines are efficient mediums to get specific results according to your requirements.
Google & yahoo search engine gives best results out of all.

  • This type of search engines retrieves results from different search engine & make relation or connections between those results.
  • Maltego is an open source intelligence and forensics application.
  • It allows for the mining and gathering of information as well as the representation of this information in a meaningful way.
  • Coupled with its graphing libraries, Maltego, allows you to identify key relationships between information and identify previously unknown relationships between them.

Information gathering from various source
  • Almost 80% internet users use blogs/forums for knowledge sharing purpose.
  • Information gathering from specific blog will also helpful in investigations.
  • Email Spiders are automated softwares which captures email ids using spiders & store them on the database. Spammers are using email spiders to collect thousand emails for spamming purposes.

No comments:

Post a Comment