Footprinting & Reconnaissance

What is Footprinting?

Well in simple language “ Foot Printing in Security terms is the process to gather as much possible information about the Target Organization.”

Information like:-

Physical Location, Domain, Number of Employees, URL’s, VPN’s, Phone Numbers, IP Address etc.

Footprinting Threats?

Social Engineering:- The easiest of all and can be done without any tool.

Business Loss

Corporate Espionage

Information Leak

System and Network Attack

Objectives of Footprinting

1. Collect Network Information : Gain information like: TCP and UDP services, ACL, Network Protocols, VPN, System Enumeration etc.

2.Collect System Information : Gain information like: User & Group names, System banner, Routing table, System Architect, System names, Password etc.

3.Collect Organizations Information: Gain information like: Employee Details, Organization’s website, Address and Phone number, Security Policies, Web server detail, Source code etc.

Footprinting Different Methods.

1.Footprinting through Social Media, this one is the most easiest to do mostly attacker will create fake account/ids and tries to gather as much as possible information about the target Organization.

2.Footprinting through Search Engines like bing, google and duckduckgo. My favorite is duckduckgo. Attackers also look for cache and archives. Some of the good tools are netcraft, shodan, pipl, Google Earth. in order to perform footpriting.

3.Footprinting through the Job sites. Hackers will come to know what tools and technology organization is working on.

4.Target Monitoring through the Alerts like google alerts, twitter alerts, yahoo alerts.

5.Another good method is via Google Hacking databases and Advance search queries. Query string can be used in search and can be used as keywords. Also Google Advance Search Operators can be utilized. For example “intitle index of” list down all the sites with index open., are few sites where you can get most of the info.

6.Website footprinting is monitoring the target organization website. Web server details, directory structure, developers email id are some of the common info. Also tools available where we can mirror the whole website. Backdated website information can be extracted from

7.Email tracking is used to track the emails. Emails are used to gather information in order to perform the social engineering and many other attacks, Spam.

8.DNS Information attackers can get the hosts in the network. Hackers can get A, CNAME, PTR, MX, NS, HINFO records. There are lot of command line utilities available to get the DNS information. nslookup and dig are the most common among the tools.

9.WHOis attackers perform WHOis to understand whois behind a specific domain? ARIN, AFRINIC, RIPE. APNIC, LATNIC are the RIR’s (Regional Internet Registry). We can get info from WHOis like email, domain owner, address, name servers for the domain, registrar.

10.Network Footprinting

11.Footprinting through Social Engineering. Eavesdropping, Shoulder Surfing, Dumpster Diving.

7 Best Websites to Find details about a person

1. Zaba Search

2. Zoominfo

3. Wink People Search

4. AnyWho

5. People Lookup

6. White Pages

7. People Search

Hope this article helpful for you. Thank You

If You Appreciate What We Do Here On Hackonology, You Should Consider:

Hackonology is the fastest growing and most trusted community site where you can find lots of courses, articles about Technology/Hacking/Cracking. Millions of people visit Hackonology! to search or browse the thousands of published articles available FREELY to all.

Let's be a part of Hacker's Community! Join our Hacking Team

We Are Indian We Are Great

Leave a Comment

Your email address will not be published. Required fields are marked *