Module 2 - Footprinting and Reconnaissance
Which of the following Google dorks is used by an attacker to find Cisco VPN client passwords?
"[main]" "enc_GroupPwd=" ext:txt
FTP Server
FTP servers contain valuable information regarding the target organization.
NNTP Usenet newsgroup
Repository containing a collection of notes or messages on various subjects and topics that are submitted by users over the Internet
You are doing research on SQL injection attacks. Which of the following combination of Google operators will you use to find all Wikipedia pages that contain information about SQL, injection attacks, or SQL injection techniques?
SQL injection site:Wikipedia.org
Sherlock
Searches a vast number of social networking sites for a target username. Helps attackers locate the target user on various social networking sites
PTR Scanning - FOCA
Finds more servers in the same segment of a determined address
ExoneraTor
Gather confidential information about the target, such as credit card details, passport info, identification card, etc.
TinEye
Software for reverse image search
Infoga
Tool used for gathering email account information from different public sources
cewl
Gather a list of words from the target website and perform a brute-force attack on the email addresses gathered
Google dork to find configuration pages for online VoIP devices
intitle:"Sipura.SPA.Configuration" -.pdf
BuzzSumo
Advanced social search engine that finds the most shared content for a topic, author, or domain. Usually used against many social media platforms
Recon-Dog
All-in-one tool for basic information gathering which includes target system. Uses wappalyzer.com to detect 1000+ technologies.
A
DNS record that points to a host's IP address
Whois Footprinting
Helps gather domain information such as information regarding the owner of an organization, its registrar, registration details, and contact information
SOA
Indicates authority for the domain
Passive Footprinting
Gathering information about the target without direct interaction. Performing lookups at the bank's DNS servers, reading news articles, watching bank employees time in and out
Search engine results pages (SERPs)
Output returned by search engines when extracting critical details about the target from the Internet
searchfy.py
Performs a query on the platforms in OSRFramework
Netcraft
Provides internet security services. Also analyzes market share of web servers, application testing and PCI scanning. It can be used to obtain all the sub-domains related to the target domain
