![]() If not started – #netstat -antp | grep 22 To access backtrack machine from Main system–īacktrack and windows in VM- Have to start SSH in backtrack machine. Tools : lanwhois-, ,, , .ĭNS Footprinting : Server internal structure- with IP and DNS >whois websitename -it shows info about website Whois and hit enter – it shows options with that command. To install whois- sudo apt-get install whois -then – enter. ![]() WHOIS Footprinting : A very powerful tool for website info , specialmention, reputationdefender, googlealerts, whostalkin, Website Traffic, statistics and analysis : website : Tools for tracking online reputation of Target. If connected – type- GET //HTTP 1.1 then hit enter 2 time-Ĭlick little arrow in front of reply symbol then click – show original Telnet website name connecting to webserver Tool HTTrack website copier – to copy entire website source code-Ī – type website name -archive of website – how website watch looking in old time Tools :GSA Email spider – gives email address linked with that website / Website : /google-hacking-databseĬlick on url – copy the query which come and search it in google search-įootprinting through social networking sites :įacebook, twitter, LinkedIn, Pinterest, Google+, MySpace.ġ-creating fake profile using information we got.Ģ-posting personal Information about Victim.ģ- getting contact information, location, Friends list, family members, interest, activities.Ĭomment info/ contact info/ scripting language/ Related:website name – shows website related to that website-Įg – google hacking filetype:ppt/pdf – shows the ppt files Link:website name – shows links to that website. Operator- Cache: display webpage in cache mem (old version of website- )Ĭache:website name – direct display to old version of website. Monitoring target using alerts : Google alert –įootprint using Google Hacking Techniques :ġ- Query string – act like command to search in search engine. įinancial service info : Google finance – search in google. People search : LinkedIn, Pipl and so many. Location using websites- Google map ,wikimapia, national geographic map, yahoo map, bing map. Website shodan.io it shows device vulnerability (router/switch) it also shows location of device, its IP and port which are open. Website- whats that site running – website name :-to know about website. authentication mechanism / system enumeration –Ĭollect system Info : user and group name/ system banner / routing tables / SNMP info / system architecture – windows -32/64 bit cpu, ram, / remote system type / system names / Password.Ĭollect organizations info : Employee details / organization website / company directory/ location details /address and ph./ securities policies /web server links /background of org./ Gathering information through different ways.Ĭollect network information: Domain name/ Internal domain name (sub domain- ftp, smtp)/ network blocks- subnet, ips, – Ip/ address of reachable system/ rough website- publically accessible website and private website/ Tcp/UDP services / access control mechanism and List- like login panel / networking protocol- RIP, EGRP,MPLS,OSPF / VPN points / IDES / analog digital tel ph. Intelligent individual with excellent computer skills, with the ability to create and exploit into the computers software and hardware. It can be used to steal, pilfer, and redistribute intellectual property leading to the business loss. In proper error handling and Exception management.Įxploiting system vulnerabilities and compromising security control to gain unauthorized or inappropriate access to the system resource. SQL injection :SQL query – requesting data to copy all DB data. Password based attack- Brute force attack – dictionary based attackĭaniel of service attack- Sending large number of http request to server that cant be handle by the server and server will be crashed.īroken session management : expiration of cookies after particular period of time-īuffer overflow issues – more number of wrong input-and server get crash Session high jacking or man in middle : wired or wireless attack in between two networks.ĭNS and ARP poisoning : Website cloning – phishing attack. Information gathering -gathering information about network. ĭoxing- Publishing personally identifiable information on internet. Payload- Part of exploit code- small piece of code.ĭaisy chaining : gaining access to one network or computer and use that network or computer to hack another systems called. Malware : Network virus- that bounce from one network to another-īot : A tool that act like robot – follows the instruction given to it.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |