SlideShare una empresa de Scribd logo

Footprinting

P
prashant3535

RISC Meet - 20th July RMIT Information Security Collective RMIT University

TecnologíaEmpresariales
1 de 38
Descargar para leer sin conexión
Prashant Mahajan RISC Meet RMIT Information Security Collective 20 th July 8.9.43
 Footprinting refers to the preparatory stage where an attacker seeks to gather as much information as possible about the target before launching attack(s).  Types:-  Passive  Attack
 Basic information about the target and its network  OS, platforms running, web server versions and likes
 Locate company’s URL  Internal URL’s  Provide an insight into different departments and business units in the organisation  Can be found via trial and error OR?  http://news.netcraft.com  http://www.webmaster-a.com/link-extractor- internal.php
 SpiderFoot (http://www.binarypool.com)  Will scrape the websites as well as Google, Netcraft, Whois and DNS
 Robtext (http://www.robtex.com)
 Google  Bing  Dogpile (Goole+Yahoo+Bing+Yandex)  Web Wombat (Original Australian)  Cuil  Alexa
 Some of my favourite resources are:
 http://www.peekyou.com  http://www.yoname.com  http://www.123people.com  http://www.aafter.com  http://blogsearch.google.com  All Social Networking Sites  MySpace, Facebook, Orkut, Twitter, LinkedIn
 How do you find images using Google?  Google Image Search  http://images.google.com  Image search may give results according to keywords or metadata from images.  Are all the results you get related to what you searched for?
 So, basically, it is google image search in reverse.  You can submit an image to find out where it came from, how it is being used, if modified versions of the image exist, or to find higher resolution versions
 When you submit an image to be searched, TinEye creates a unique and compact digital signature or 'fingerprint' for it, then compares this fingerprint to every other image in our index to retrieve matches. TinEye can even find a partial fingerprint match.  TinEye does not typically find similar images (i.e. a different image with the same subject matter); it finds exact matches including those that have been cropped, edited or resized.
 Financial Services like Google Finance, Yahoo Finance  Job Sites:  Job Descriptions can be used to gather the infrastructure details  Tech Support Websites:  Many times employees give out information in order to get some solutions for their problems
 When did it start?  Where is it located?  How did it develop?  Who leads it?  What are the company’s plans?
 nslookup  dnsrecon
 http://www.morris-pictures.com  The one you need to know is a comment in the source code of the index-2.html, "<!-- Mirrored from www.silvertipfilms.co.uk/index.php by HTTrackWebsite Copier/3.x [XR&CO'2008], Thu, 16 Oct 2008 02:10:39 GMT -->" morris-pictures.com was registered on 2008-10-14
 http://www.hackersforcharity.org/ghdb/
Prashant Mahajan corrupt@null.co.in +61 0421 804 786 Follow Me on Twitter @prashant3535

Recomendados

Reconnaissance
ReconnaissanceReconnaissance
Reconnaissancen|u - The Open Security Community
 
password cracking and Key logger
password cracking and Key loggerpassword cracking and Key logger
password cracking and Key loggerPatel Mit
 
Owasp methodologies of Security testing part1
Owasp methodologies of Security testing part1Owasp methodologies of Security testing part1
Owasp methodologies of Security testing part1robin_bene
 
Module 2 Foot Printing
Module 2 Foot PrintingModule 2 Foot Printing
Module 2 Foot Printingleminhvuong
 
Reconnaissance
ReconnaissanceReconnaissance
Reconnaissancemaroti164
 
How to stay protected against ransomware
How to stay protected against ransomwareHow to stay protected against ransomware
How to stay protected against ransomwareSophos Benelux
 
Password Cracking
Password Cracking Password Cracking
Password Cracking Sina Manavi
 
Password Attack
Password Attack Password Attack
Password Attack Sina Manavi
 

Recomendados

Reconnaissance
ReconnaissanceReconnaissance
Reconnaissancen|u - The Open Security Community
 
password cracking and Key logger
password cracking and Key loggerpassword cracking and Key logger
password cracking and Key loggerPatel Mit
 
Owasp methodologies of Security testing part1
Owasp methodologies of Security testing part1Owasp methodologies of Security testing part1
Owasp methodologies of Security testing part1robin_bene
 
Module 2 Foot Printing
Module 2 Foot PrintingModule 2 Foot Printing
Module 2 Foot Printingleminhvuong
 
Reconnaissance
ReconnaissanceReconnaissance
Reconnaissancemaroti164
 
How to stay protected against ransomware
How to stay protected against ransomwareHow to stay protected against ransomware
How to stay protected against ransomwareSophos Benelux
 
Password Cracking
Password Cracking Password Cracking
Password Cracking Sina Manavi
 
Password Attack
Password Attack Password Attack
Password Attack Sina Manavi
 
FBI & Secret Service- Business Email Compromise Workshop
FBI & Secret Service- Business Email Compromise WorkshopFBI & Secret Service- Business Email Compromise Workshop
FBI & Secret Service- Business Email Compromise WorkshopErnest Staats
 
Understanding CryptoLocker (Ransomware) with a Case Study
Understanding CryptoLocker (Ransomware) with a Case StudyUnderstanding CryptoLocker (Ransomware) with a Case Study
Understanding CryptoLocker (Ransomware) with a Case Studysecurityxploded
 
Finding the source of Ransomware - Wire data analytics
Finding the source of Ransomware - Wire data analyticsFinding the source of Ransomware - Wire data analytics
Finding the source of Ransomware - Wire data analyticsNetFort
 
The EU Data Protection Regulation and what it means for your organization
The EU Data Protection Regulation and what it means for your organizationThe EU Data Protection Regulation and what it means for your organization
The EU Data Protection Regulation and what it means for your organizationSophos Benelux
 
The New OWASP Top Ten: Let's Cut to the Chase
The New OWASP Top Ten: Let's Cut to the ChaseThe New OWASP Top Ten: Let's Cut to the Chase
The New OWASP Top Ten: Let's Cut to the ChaseSecurity Innovation
 
Removable Disk Hacking for Fun and Profit
Removable Disk Hacking for Fun and ProfitRemovable Disk Hacking for Fun and Profit
Removable Disk Hacking for Fun and ProfitRungga Reksya Sabilillah
 
Ehtical hacking
Ehtical hackingEhtical hacking
Ehtical hackingUday Verma
 
Gunadarma workshop security
Gunadarma workshop securityGunadarma workshop security
Gunadarma workshop securityRungga Reksya Sabilillah
 
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer ProtectionOwasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer ProtectionAnant Shrivastava
 
Enterprise security: ransomware in enterprise and corporate entities
Enterprise security: ransomware in enterprise and corporate entitiesEnterprise security: ransomware in enterprise and corporate entities
Enterprise security: ransomware in enterprise and corporate entitiesQuick Heal Technologies Ltd.
 
THOR Apt Scanner
THOR Apt ScannerTHOR Apt Scanner
THOR Apt ScannerFlorian Roth
 
Footprinting
FootprintingFootprinting
FootprintingDuah John
 
Password craking techniques
Password craking techniques Password craking techniques
Password craking techniques أحلام انصارى
 
Reconnaissance - For pentesting and user awareness
Reconnaissance - For pentesting and user awarenessReconnaissance - For pentesting and user awareness
Reconnaissance - For pentesting and user awarenessLeon Teale
 
How to Protect Your Organization from the Ransomware Epidemic
How to Protect Your Organization from the Ransomware EpidemicHow to Protect Your Organization from the Ransomware Epidemic
How to Protect Your Organization from the Ransomware EpidemicTripwire
 
Brute Force Attack
Brute Force AttackBrute Force Attack
Brute Force AttackAhmad karawash
 
DLL Preloading Attack
DLL Preloading AttackDLL Preloading Attack
DLL Preloading Attacksecurityxploded
 
Pentesting Android Apps
Pentesting Android AppsPentesting Android Apps
Pentesting Android AppsAbdelhamid Limami
 
Security Handbook
Security Handbook Security Handbook
Security HandbookAnthony Hasse
 
OWASP Top 10 - 2017
OWASP Top 10 - 2017OWASP Top 10 - 2017
OWASP Top 10 - 2017HackerOne
 
Career In Search Engine Optimization
Career In Search Engine Optimization Career In Search Engine Optimization
Career In Search Engine Optimization Abu Talha
 
SEO Tools For Marketers - Seo tools for you
SEO Tools For Marketers - Seo tools for youSEO Tools For Marketers - Seo tools for you
SEO Tools For Marketers - Seo tools for youUy Hoàng
 

Más contenido relacionado

La actualidad más candente

FBI & Secret Service- Business Email Compromise Workshop
FBI & Secret Service- Business Email Compromise WorkshopFBI & Secret Service- Business Email Compromise Workshop
FBI & Secret Service- Business Email Compromise WorkshopErnest Staats
 
Understanding CryptoLocker (Ransomware) with a Case Study
Understanding CryptoLocker (Ransomware) with a Case StudyUnderstanding CryptoLocker (Ransomware) with a Case Study
Understanding CryptoLocker (Ransomware) with a Case Studysecurityxploded
 
Finding the source of Ransomware - Wire data analytics
Finding the source of Ransomware - Wire data analyticsFinding the source of Ransomware - Wire data analytics
Finding the source of Ransomware - Wire data analyticsNetFort
 
The EU Data Protection Regulation and what it means for your organization
The EU Data Protection Regulation and what it means for your organizationThe EU Data Protection Regulation and what it means for your organization
The EU Data Protection Regulation and what it means for your organizationSophos Benelux
 
The New OWASP Top Ten: Let's Cut to the Chase
The New OWASP Top Ten: Let's Cut to the ChaseThe New OWASP Top Ten: Let's Cut to the Chase
The New OWASP Top Ten: Let's Cut to the ChaseSecurity Innovation
 
Ehtical hacking
Ehtical hackingEhtical hacking
Ehtical hackingUday Verma
 
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer ProtectionOwasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer ProtectionAnant Shrivastava
 
Enterprise security: ransomware in enterprise and corporate entities
Enterprise security: ransomware in enterprise and corporate entitiesEnterprise security: ransomware in enterprise and corporate entities
Enterprise security: ransomware in enterprise and corporate entitiesQuick Heal Technologies Ltd.
 
Footprinting
FootprintingFootprinting
FootprintingDuah John
 
Reconnaissance - For pentesting and user awareness
Reconnaissance - For pentesting and user awarenessReconnaissance - For pentesting and user awareness
Reconnaissance - For pentesting and user awarenessLeon Teale
 
How to Protect Your Organization from the Ransomware Epidemic
How to Protect Your Organization from the Ransomware EpidemicHow to Protect Your Organization from the Ransomware Epidemic
How to Protect Your Organization from the Ransomware EpidemicTripwire
 
OWASP Top 10 - 2017
OWASP Top 10 - 2017OWASP Top 10 - 2017
OWASP Top 10 - 2017HackerOne
 

La actualidad más candente (20)

FBI & Secret Service- Business Email Compromise Workshop
FBI & Secret Service- Business Email Compromise WorkshopFBI & Secret Service- Business Email Compromise Workshop
FBI & Secret Service- Business Email Compromise Workshop
 
Understanding CryptoLocker (Ransomware) with a Case Study
Understanding CryptoLocker (Ransomware) with a Case StudyUnderstanding CryptoLocker (Ransomware) with a Case Study
Understanding CryptoLocker (Ransomware) with a Case Study
 
Finding the source of Ransomware - Wire data analytics
Finding the source of Ransomware - Wire data analyticsFinding the source of Ransomware - Wire data analytics
Finding the source of Ransomware - Wire data analytics
 
The EU Data Protection Regulation and what it means for your organization
The EU Data Protection Regulation and what it means for your organizationThe EU Data Protection Regulation and what it means for your organization
The EU Data Protection Regulation and what it means for your organization
 
The New OWASP Top Ten: Let's Cut to the Chase
The New OWASP Top Ten: Let's Cut to the ChaseThe New OWASP Top Ten: Let's Cut to the Chase
The New OWASP Top Ten: Let's Cut to the Chase
 
Removable Disk Hacking for Fun and Profit
Removable Disk Hacking for Fun and ProfitRemovable Disk Hacking for Fun and Profit
Removable Disk Hacking for Fun and Profit
 
Ehtical hacking
Ehtical hackingEhtical hacking
Ehtical hacking
 
Gunadarma workshop security
Gunadarma workshop securityGunadarma workshop security
Gunadarma workshop security
 
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer ProtectionOwasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
 
Enterprise security: ransomware in enterprise and corporate entities
Enterprise security: ransomware in enterprise and corporate entitiesEnterprise security: ransomware in enterprise and corporate entities
Enterprise security: ransomware in enterprise and corporate entities
 
THOR Apt Scanner
THOR Apt ScannerTHOR Apt Scanner
THOR Apt Scanner
 
Footprinting
FootprintingFootprinting
Footprinting
 
Password craking techniques
Password craking techniques Password craking techniques
Password craking techniques
 
Reconnaissance - For pentesting and user awareness
Reconnaissance - For pentesting and user awarenessReconnaissance - For pentesting and user awareness
Reconnaissance - For pentesting and user awareness
 
How to Protect Your Organization from the Ransomware Epidemic
How to Protect Your Organization from the Ransomware EpidemicHow to Protect Your Organization from the Ransomware Epidemic
How to Protect Your Organization from the Ransomware Epidemic
 
Brute Force Attack
Brute Force AttackBrute Force Attack
Brute Force Attack
 
DLL Preloading Attack
DLL Preloading AttackDLL Preloading Attack
DLL Preloading Attack
 
Pentesting Android Apps
Pentesting Android AppsPentesting Android Apps
Pentesting Android Apps
 
Security Handbook
Security Handbook Security Handbook
Security Handbook
 
OWASP Top 10 - 2017
OWASP Top 10 - 2017OWASP Top 10 - 2017
OWASP Top 10 - 2017
 

Similar a Footprinting

Career In Search Engine Optimization
Career In Search Engine Optimization Career In Search Engine Optimization
Career In Search Engine Optimization Abu Talha
 
SEO Tools For Marketers - Seo tools for you
SEO Tools For Marketers - Seo tools for youSEO Tools For Marketers - Seo tools for you
SEO Tools For Marketers - Seo tools for youUy Hoàng
 
Open Source Information Gathering Brucon Edition
Open Source Information Gathering Brucon EditionOpen Source Information Gathering Brucon Edition
Open Source Information Gathering Brucon EditionChris Gates
 
Top 20 Search Engine Optimization (SEO) Tools
Top 20 Search Engine Optimization (SEO) ToolsTop 20 Search Engine Optimization (SEO) Tools
Top 20 Search Engine Optimization (SEO) ToolsDigital Vidya
 
Search Engine Optimisation
Search Engine OptimisationSearch Engine Optimisation
Search Engine Optimisationneilmoreilly
 
BEST SEO TIPS - Tricks SEO
BEST SEO TIPS - Tricks SEO BEST SEO TIPS - Tricks SEO
BEST SEO TIPS - Tricks SEO vickybish
 
Vikram seo ppt
Vikram seo pptVikram seo ppt
Vikram seo pptvickybish
 
Free Traffic Seo Smo 101 (Search Engine Social Media Optimization) Present...
Free Traffic Seo Smo 101 (Search Engine Social Media Optimization) Present...Free Traffic Seo Smo 101 (Search Engine Social Media Optimization) Present...
Free Traffic Seo Smo 101 (Search Engine Social Media Optimization) Present...jward5519
 
best Digital Marketing ppt for all......
best Digital Marketing ppt for all......best Digital Marketing ppt for all......
best Digital Marketing ppt for all......Smayara
 
A fresh new look into Information Gathering - OWASP Spain
A fresh new look into Information Gathering - OWASP SpainA fresh new look into Information Gathering - OWASP Spain
A fresh new look into Information Gathering - OWASP SpainChristian Martorella
 
Jeremy cabral search marketing summit - scraping data-driven content (1)
Jeremy cabral search marketing summit - scraping data-driven content (1)Jeremy cabral search marketing summit - scraping data-driven content (1)
Jeremy cabral search marketing summit - scraping data-driven content (1)Jeremy Cabral
 
Report on search engines
Report on search enginesReport on search engines
Report on search enginesAmandeep Kaur
 
Website requirements and planning document
Website requirements and planning documentWebsite requirements and planning document
Website requirements and planning documentErika Feinberg
 
how does google works?
how does google works?how does google works?
how does google works?Hritik Agarwal
 

Similar a Footprinting (20)

Career In Search Engine Optimization
Career In Search Engine Optimization Career In Search Engine Optimization
Career In Search Engine Optimization
 
SEO Tools For Marketers - Seo tools for you
SEO Tools For Marketers - Seo tools for youSEO Tools For Marketers - Seo tools for you
SEO Tools For Marketers - Seo tools for you
 
Open Source Information Gathering Brucon Edition
Open Source Information Gathering Brucon EditionOpen Source Information Gathering Brucon Edition
Open Source Information Gathering Brucon Edition
 
Top 20 Search Engine Optimization (SEO) Tools
Top 20 Search Engine Optimization (SEO) ToolsTop 20 Search Engine Optimization (SEO) Tools
Top 20 Search Engine Optimization (SEO) Tools
 
Search Engine Optimisation
Search Engine OptimisationSearch Engine Optimisation
Search Engine Optimisation
 
BEST SEO TIPS - Tricks SEO
BEST SEO TIPS - Tricks SEO BEST SEO TIPS - Tricks SEO
BEST SEO TIPS - Tricks SEO
 
Vikram seo ppt
Vikram seo pptVikram seo ppt
Vikram seo ppt
 
Free Traffic Seo Smo 101 (Search Engine Social Media Optimization) Present...
Free Traffic Seo Smo 101 (Search Engine Social Media Optimization) Present...Free Traffic Seo Smo 101 (Search Engine Social Media Optimization) Present...
Free Traffic Seo Smo 101 (Search Engine Social Media Optimization) Present...
 
We are Digital Puppets
We are Digital PuppetsWe are Digital Puppets
We are Digital Puppets
 
best Digital Marketing ppt for all......
best Digital Marketing ppt for all......best Digital Marketing ppt for all......
best Digital Marketing ppt for all......
 
What is-seo-smbme
What is-seo-smbmeWhat is-seo-smbme
What is-seo-smbme
 
Seo report
Seo reportSeo report
Seo report
 
A fresh new look into Information Gathering - OWASP Spain
A fresh new look into Information Gathering - OWASP SpainA fresh new look into Information Gathering - OWASP Spain
A fresh new look into Information Gathering - OWASP Spain
 
Jeremy cabral search marketing summit - scraping data-driven content (1)
Jeremy cabral search marketing summit - scraping data-driven content (1)Jeremy cabral search marketing summit - scraping data-driven content (1)
Jeremy cabral search marketing summit - scraping data-driven content (1)
 
Lecture7
Lecture7Lecture7
Lecture7
 
Report on search engines
Report on search enginesReport on search engines
Report on search engines
 
Powerful sourcing tips
Powerful sourcing tipsPowerful sourcing tips
Powerful sourcing tips
 
Internet Marketing Tools: SEO Software
Internet Marketing Tools: SEO SoftwareInternet Marketing Tools: SEO Software
Internet Marketing Tools: SEO Software
 
Website requirements and planning document
Website requirements and planning documentWebsite requirements and planning document
Website requirements and planning document
 
how does google works?
how does google works?how does google works?
how does google works?
 

Más de prashant3535

ADRecon - Detection CHCON 2018
ADRecon - Detection CHCON 2018ADRecon - Detection CHCON 2018
ADRecon - Detection CHCON 2018prashant3535
 
Active Directory Recon 101
Active Directory Recon 101Active Directory Recon 101
Active Directory Recon 101prashant3535
 
ADRecon BH USA 2018 : Arsenal and DEF CON 26 Demo Labs Presentation
ADRecon BH USA 2018 : Arsenal and DEF CON 26 Demo Labs PresentationADRecon BH USA 2018 : Arsenal and DEF CON 26 Demo Labs Presentation
ADRecon BH USA 2018 : Arsenal and DEF CON 26 Demo Labs Presentationprashant3535
 
ADRecon BH ASIA 2018 : Arsenal Presentation
ADRecon BH ASIA 2018 : Arsenal PresentationADRecon BH ASIA 2018 : Arsenal Presentation
ADRecon BH ASIA 2018 : Arsenal Presentationprashant3535
 
Digital Crime & Forensics - Presentation
Digital Crime & Forensics - PresentationDigital Crime & Forensics - Presentation
Digital Crime & Forensics - Presentationprashant3535
 
Digital Crime & Forensics - Report
Digital Crime & Forensics - ReportDigital Crime & Forensics - Report
Digital Crime & Forensics - Reportprashant3535
 
What Firefox can tell about you? - Firefox Forensics
What Firefox can tell about you? - Firefox ForensicsWhat Firefox can tell about you? - Firefox Forensics
What Firefox can tell about you? - Firefox Forensicsprashant3535
 
One Laptop Per Child
One Laptop Per ChildOne Laptop Per Child
One Laptop Per Childprashant3535
 
Data Hiding Techniques
Data Hiding TechniquesData Hiding Techniques
Data Hiding Techniquesprashant3535
 

Más de prashant3535 (12)

BSides Pune 2024
BSides Pune 2024BSides Pune 2024
BSides Pune 2024
 
ADRecon - Detection CHCON 2018
ADRecon - Detection CHCON 2018ADRecon - Detection CHCON 2018
ADRecon - Detection CHCON 2018
 
Mimikatz
MimikatzMimikatz
Mimikatz
 
Active Directory Recon 101
Active Directory Recon 101Active Directory Recon 101
Active Directory Recon 101
 
ADRecon BH USA 2018 : Arsenal and DEF CON 26 Demo Labs Presentation
ADRecon BH USA 2018 : Arsenal and DEF CON 26 Demo Labs PresentationADRecon BH USA 2018 : Arsenal and DEF CON 26 Demo Labs Presentation
ADRecon BH USA 2018 : Arsenal and DEF CON 26 Demo Labs Presentation
 
ADRecon BH ASIA 2018 : Arsenal Presentation
ADRecon BH ASIA 2018 : Arsenal PresentationADRecon BH ASIA 2018 : Arsenal Presentation
ADRecon BH ASIA 2018 : Arsenal Presentation
 
Digital Crime & Forensics - Presentation
Digital Crime & Forensics - PresentationDigital Crime & Forensics - Presentation
Digital Crime & Forensics - Presentation
 
Digital Crime & Forensics - Report
Digital Crime & Forensics - ReportDigital Crime & Forensics - Report
Digital Crime & Forensics - Report
 
What Firefox can tell about you? - Firefox Forensics
What Firefox can tell about you? - Firefox ForensicsWhat Firefox can tell about you? - Firefox Forensics
What Firefox can tell about you? - Firefox Forensics
 
Tracking Emails
Tracking EmailsTracking Emails
Tracking Emails
 
One Laptop Per Child
One Laptop Per ChildOne Laptop Per Child
One Laptop Per Child
 
Data Hiding Techniques
Data Hiding TechniquesData Hiding Techniques
Data Hiding Techniques
 

Último

Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbuapidays
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024The Digital Insurer
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...apidays
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024The Digital Insurer
 

Último (20)

Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 

Footprinting

  • 1. Prashant Mahajan RISC Meet RMIT Information Security Collective 20 th July 8.9.43
  • 2.  Footprinting refers to the preparatory stage where an attacker seeks to gather as much information as possible about the target before launching attack(s).  Types:-  Passive  Attack
  • 3.  Basic information about the target and its network  OS, platforms running, web server versions and likes
  • 4.  Locate company’s URL  Internal URL’s  Provide an insight into different departments and business units in the organisation  Can be found via trial and error OR?  http://news.netcraft.com  http://www.webmaster-a.com/link-extractor- internal.php
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.  SpiderFoot (http://www.binarypool.com)  Will scrape the websites as well as Google, Netcraft, Whois and DNS
  • 12.  Google  Bing  Dogpile (Goole+Yahoo+Bing+Yandex)  Web Wombat (Original Australian)  Cuil  Alexa
  • 13.  Some of my favourite resources are:
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.  http://www.peekyou.com  http://www.yoname.com  http://www.123people.com  http://www.aafter.com  http://blogsearch.google.com  All Social Networking Sites  MySpace, Facebook, Orkut, Twitter, LinkedIn
  • 19.  How do you find images using Google?  Google Image Search  http://images.google.com  Image search may give results according to keywords or metadata from images.  Are all the results you get related to what you searched for?
  • 20.  So, basically, it is google image search in reverse.  You can submit an image to find out where it came from, how it is being used, if modified versions of the image exist, or to find higher resolution versions
  • 21.
  • 22.
  • 23.
  • 24.
  • 25.  When you submit an image to be searched, TinEye creates a unique and compact digital signature or 'fingerprint' for it, then compares this fingerprint to every other image in our index to retrieve matches. TinEye can even find a partial fingerprint match.  TinEye does not typically find similar images (i.e. a different image with the same subject matter); it finds exact matches including those that have been cropped, edited or resized.
  • 26.
  • 27.  Financial Services like Google Finance, Yahoo Finance  Job Sites:  Job Descriptions can be used to gather the infrastructure details  Tech Support Websites:  Many times employees give out information in order to get some solutions for their problems
  • 28.  When did it start?  Where is it located?  How did it develop?  Who leads it?  What are the company’s plans?
  • 29.
  • 30.
  • 31.
  • 32.
  • 34.
  • 35.  http://www.morris-pictures.com  The one you need to know is a comment in the source code of the index-2.html, "<!-- Mirrored from www.silvertipfilms.co.uk/index.php by HTTrackWebsite Copier/3.x [XR&CO'2008], Thu, 16 Oct 2008 02:10:39 GMT -->" morris-pictures.com was registered on 2008-10-14
  • 37.
  • 38. Prashant Mahajan corrupt@null.co.in +61 0421 804 786 Follow Me on Twitter @prashant3535