
Reconnaissance (Footprinting)

Welcome to the Footprinting module. This note will guide you through all the methodologies that I used while preparing for the CEH (Practical) exam.


Last updated 2 years ago

Information Gathering using Google Dorks

Google hacking, also named Google dorking, is a hacker technique that uses Google Search and other Google applications to find security holes in the configuration and computer code that websites are using. Google dorking could also be used for OSINT.

Netcraft and Peekyou

Harvesting Email using theHarvester

theHarvester is a very simple to use, yet powerful and effective tool designed to be used in the early stages of a penetration test or red team engagement. Use it for open-source intelligence (OSINT) gathering to help determine a company's external threat landscape on the internet. The tool gathers emails, names, subdomains, IPs and URLs using multiple public data sources.

theHarvester -d loliteam.net -l 200 -b baidu

Sherlock

  • Sherlock is a tool used to gather information about users by hunting down social media accounts by username across social networks.

python3 sherlock.py YuIHatano
  • On Kali Linux 2022.3, Sherlock can be installed with the command:

apt install sherlock -y

Ping

Ping is a computer network administration software utility used to test the reachability of a host on an Internet Protocol network. It is available for virtually all operating systems that have networking capability, including most embedded network administration software.

ping www.loliteam.net -f -l 1500 -i 3
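-f = Set the Don't Fragment flag, so oversized packets are rejected instead of fragmented (Windows ping)
-l = Size of the send buffer (payload) in bytes
-i = Time To Live (TTL)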

The maximum size of the frame is 1472
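
The 1472 figure is what a Don't Fragment ping converges on over a 1500-byte MTU link: 1500 minus a 20-byte IPv4 header and an 8-byte ICMP header. The search can be automated as below; this is an added example, not part of the original notes, and `simulated_probe` is a constructed stand-in for running `ping -f -l <size>` so the code runs offline.

```python
IP_HEADER = 20    # bytes, IPv4 header without options
ICMP_HEADER = 8   # bytes, ICMP echo header


def simulated_probe(link_mtu):
    """Constructed stand-in for `ping -f -l <size>`: True if the packet fits."""
    def probe(payload_size):
        return payload_size + IP_HEADER + ICMP_HEADER <= link_mtu
    return probe


def max_unfragmented_payload(probe, low=0, high=65507):
    """Binary-search the largest payload for which probe(size) succeeds.

    Assumes probe is monotonic: once a size fails, every larger size fails.
    """
    if not probe(low):
        raise ValueError("even the smallest probe was rejected")
    while low < high:
        mid = (low + high + 1) // 2   # round up so the loop always progresses
        if probe(mid):
            low = mid                 # mid fits, the answer is mid or larger
        else:
            high = mid - 1            # mid was too big
    return low


if __name__ == "__main__":
    # Ethernet, PPPoE and a typical tunnel MTU (constructed sample values)
    for mtu in (1500, 1492, 1400):
        size = max_unfragmented_payload(simulated_probe(mtu))
        print(f"MTU {mtu}: largest Don't Fragment payload = {size} bytes")
```

A result below 1472 on a path you manage usually points at a tunnel or PPPoE hop lowering the MTU.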

Web Data Extractor

  • Web Data Extractor is a Windows tool.

  • The tool is used to crawl website content like:

    • Meta Tags

    • Emails

    • Phones

    • Etc...

Note: it is better to download the Pro version and use the trial.

HTTrack

  • HTTrack is a tool used to mirror a website and use it offline.

CeWL

  • CeWL is a tool used to create a wordlist from a specific website.

cewl -d 2 -w save_wordlist.txt -m 5 www.example.com

Email Tracker Pro

  • Email Tracker Pro is used to track and check the Email Headers.

Whois Lookup using Domain Tools

  • WHOIS is a query and response protocol that is widely used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name, an IP address block or an autonomous system but is also used for a wider range of other information.
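
To see what a WHOIS record for your own domain gives away, the response can be parsed and its contact fields checked for redaction. This is an added example, not part of the original notes; `SAMPLE` is a constructed response, the field-name patterns are assumptions about common registrar output, and `query_whois` is the plain port-43 exchange with the server name left to the caller.

```python
import re
import socket

# WHOIS output is free text, so field names are matched loosely (assumed patterns).
CONTACT_FIELD = re.compile(r"^(Registrant|Admin|Tech)\s+(Name|Organization|Email|Phone|Street)$", re.I)
REDACTED = re.compile(r"redacted|privacy|withheld|not disclosed", re.I)

# Constructed sample response (not real registration data).
SAMPLE = """\
Domain Name: EXAMPLE.TEST
Registrar: Example Registrar, Inc.
Creation Date: 2015-03-01T00:00:00Z
Registrant Name: REDACTED FOR PRIVACY
Registrant Organization: Example Corp
Registrant Email: hostmaster@example.test
Admin Phone: +1.5555550100
Name Server: NS1.EXAMPLE.TEST
Name Server: NS2.EXAMPLE.TEST
>>> Last update of WHOIS database: 2024-01-01T00:00:00Z <<<
"""

def query_whois(server, domain):
    """Send one query line to TCP port 43 and read until the server closes."""
    with socket.create_connection((server, 43), timeout=10) as conn:
        conn.sendall(domain.encode("ascii") + b"\r\n")
        chunks = []
        while (data := conn.recv(4096)):
            chunks.append(data)
    return b"".join(chunks).decode("utf-8", "replace")

def parse_whois(text):
    """Return {field: [values]} for every 'Key: value' line in a response."""
    record = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        # Skip banner/comment lines and keys with an empty value.
        if sep and value.strip() and not line.startswith((">>>", "%", "#")):
            record.setdefault(key.strip(), []).append(value.strip())
    return record

def exposed_contacts(record):
    """List (field, value) pairs for contact fields that are not redacted."""
    return sorted(
        (key, value)
        for key, values in record.items() if CONTACT_FIELD.match(key)
        for value in values if not REDACTED.search(value)
    )

if __name__ == "__main__":
    print(exposed_contacts(parse_whois(SAMPLE)))
```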

DNS Footprinting

nslookup

  • nslookup is a network administration command-line tool for querying the Domain Name System to obtain the mapping between a domain name and IP address or other DNS records.

DNSrecon

DNSRecon is a free and open-source script available on GitHub. It is one of the popular scripts in the security community for reconnaissance on domains. The script is written in Python, so Python must be installed on your Kali Linux system in order to use it.

dnsrecon -r 192.168.64.0-192.168.64.225

TraceRoute

  • Traceroute is used to find the IP path taken to reach a website.

  • In computing, traceroute and tracert are computer network diagnostic commands for displaying possible routes and measuring transit delays of packets across an Internet Protocol network.

Path Analyzer Pro

  • Path Analyzer Pro is a GUI Windows application used to trace the network path.

Other Tools

  • Recon-ng

  • Maltego

  • OSRFramework

OSRFramework Tools

usufy.py -n Mark Zuckerberg -p twitter facebook youtube
domainfy.py -n eccouncil -t all (Gather all the registered domains)
searchfy.py (Gathers info of user on Social networking page)
mailfy.py (Gathers info about email accounts)
phonefy.py (Gathers the series of phones)
  • FOCA (best tool to footprint the whole web server; must check)

  • Billcypher is a tool used to track down

  • Netcraft: to find the information about the websites

  • PeekYou: to find the information about people who live in the USA


DomainTools Whois Lookup is a tool used to look up the details of a particular domain.

  • https://www.netcraft.com
  • www.peekyou.com
  • https://whois.domaintools.com
  • GitHub - laramies/theHarvester: E-mails, subdomains and names Harvester - OSINT
  • HTTrack Website Copier - Free Software Offline Browser (GNU GPL)
  • GitHub - sherlock-project/sherlock: 🔎 Hunt down social media accounts by username across social networks
  • Web Data Extractor - Extract Email, URL, Meta Tag, Phone, Fax from Websites
  • Official website of the tool
  • Message Header Analyzer
  • Online Email Tracker Tools
  • Whois Lookup, Domain Availability & IP Search - DomainTools
  • DNSRecon – A powerful DNS enumeration script - GeeksforGeeks
  • https://www.pathanalyzer.com
  • GoogleHackingCheatSheet.pdf