3) Now it is time to start the show: click the "Start" tab to begin the extraction, then wait a while.
4) The first one or two attempts may fail, as this is the free version; just try again. Once it has finished successfully,
click "metatag" under the "New tab" section,
and there you will see the information related to your search.
Also explore the Emails, Phones and Faxes tabs to see the related information.
At the top-left corner of each tab section there is a floppy-disk icon; click it to save that section's collected data to a file on your machine.
Don't worry if you don't like this one: there are a couple of website alternatives for the same purpose, but this one is widely used.
2) HTTRACK
This tool is used for copying websites. Yes, you read that right: you can replicate any website you want with it. The phishing messages with fake PayPal or Paytm links that land in your inbox usually lead to websites built with exactly this kind of tool. It is pretty easy to use. One caveat before you point it at anything: mirroring is noisy. Every page and asset is fetched, so each request lands in the target's access logs, and HTTrack's default User-Agent header identifies itself as HTTrack, so only mirror sites you own or are authorised to test.
1) Install the app as prompted and open it; you should see a screen similar to the one below. Hit Next.
2) Give the project a name in the "New project name" field and set the folder where the website data will be saved in the "Base path" field, as shown in the image below, then hit Next.
3) Enter the URL of the website you want to clone, for example "www.example.com", and click the "Set options..." button. You should see a window like the one shown; go to the "Scan Rules" tab, check the three checkboxes that list file extensions (.png etc.) so that images, archives and media files are fetched as well, hit "OK" and then click Next.
4) Check the "Disconnect when finished" checkbox and hit "Finish".
(step 4 image)
5) After you click Finish the process starts; let it do its job.
6) Once the process is done, don't press "Finish" yet: click the "Browse Mirrored Website" button and you will see an exact copy of the website. The files are in the folder you set as the base path in step 2. Click Finish when you are done.
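Since the post presents HTTrack mainly as the thing phishing pages get cloned with, here is the defender's side as an added example (my code, not part of HTTrack or of the original post). By default HTTrack stamps every mirrored HTML file with a comment of the form "<!-- Mirrored from <origin> by HTTrack Website Copier/... -->" (the bracketed build tag and the date vary) and wraps an inserted meta tag in "Added by HTTrack" markers. A page carrying that stamp, served from a host other than the origin it names, with a login form posting somewhere else again, is a strong clone indicator. The two HTML pages and every hostname in the block are constructed (the .invalid TLD is reserved for placeholders).

```python
"""Spot HTML pages that were cloned with HTTrack and are being served from another host.

Added example for this post; not HTTrack's own code. Sample pages below are constructed.
"""
import re
from typing import Dict, List, Optional
from urllib.parse import urlparse

# HTTrack stamps each mirrored HTML file with a comment like
#   <!-- Mirrored from www.example.com/ by HTTrack Website Copier/3.x [XR&CO'2014], Thu, 01 Jan 2020 00:00:00 GMT -->
# (build tag and date vary) and wraps an inserted <meta> in "Added by HTTrack" markers.
MIRRORED_RE = re.compile(
    r"<!--\s*Mirrored\s+from\s+(?P<origin>\S+)\s+by\s+HTTrack\s+Website\s+Copier/(?P<version>\S+)"
    r"(?:[^>]*?,\s*(?P<when>[^>]*?))?\s*-->",
    re.IGNORECASE,
)
ADDED_RE = re.compile(r"<!--\s*Added by HTTrack\s*-->", re.IGNORECASE)
FORM_ACTION_RE = re.compile(r"<form\b[^>]*?\baction\s*=\s*[\"']?([^\"'\s>]+)", re.IGNORECASE)


def httrack_signature(html: str) -> Optional[Dict[str, Optional[str]]]:
    """Return the mirror stamp (origin, origin_host, version, when) or None if absent."""
    m = MIRRORED_RE.search(html)
    if m:
        origin = m.group("origin")
        return {"origin": origin, "origin_host": origin.split("/")[0].lower(),
                "version": m.group("version"), "when": (m.group("when") or "").strip()}
    if ADDED_RE.search(html):          # comment stripped but the meta marker survived
        return {"origin": None, "origin_host": None, "version": None, "when": ""}
    return None


def form_targets(html: str) -> List[str]:
    """All <form action=...> targets, i.e. where submitted credentials would go."""
    return FORM_ACTION_RE.findall(html)


def assess(html: str, served_host: str) -> dict:
    """Combine the HTTrack stamp with host mismatches into a triage verdict."""
    served_host = served_host.lower()
    sig = httrack_signature(html)
    # Forms posting to a third host are flagged; relative actions stay on served_host.
    external = [a for a in form_targets(html)
                if urlparse(a).netloc.lower() not in ("", served_host)]
    mismatch = bool(sig and sig["origin_host"] and sig["origin_host"] != served_host)
    if sig and mismatch:
        verdict = "httrack clone of another host"
    elif sig:
        verdict = "httrack mirror"
    else:
        verdict = "no httrack signature"
    return {"httrack": sig is not None,
            "origin_host": sig["origin_host"] if sig else None,
            "served_host": served_host,
            "origin_mismatch": mismatch,
            "external_form_targets": external,
            "verdict": verdict}


# Constructed samples (hostnames under the reserved .invalid TLD are placeholders).
CLONE_HTML = """<!DOCTYPE html>
<!-- Mirrored from www.example.com/login/ by HTTrack Website Copier/3.x [XR&CO'2014], Thu, 01 Jan 2020 00:00:00 GMT -->
<html><head><!-- Added by HTTrack --><meta http-equiv="content-type" content="text/html;charset=UTF-8" /><!-- /Added by HTTrack -->
<title>Sign in</title></head>
<body><form method="post" action="http://collector.invalid/post.php">
<input name="user"><input name="pass" type="password"></form></body></html>"""

ORIGINAL_HTML = """<!DOCTYPE html><html><head><title>Sign in</title></head>
<body><form method="post" action="/login"><input name="user">
<input name="pass" type="password"></form></body></html>"""

if __name__ == "__main__":
    for label, page, host in (("clone", CLONE_HTML, "example-login.invalid"),
                              ("original", ORIGINAL_HTML, "www.example.com")):
        print(label, assess(page, host))
```

Feed assess() the HTML you fetched from the suspicious host together with that host name. Kits that strip the stamp will not trigger, so treat a hit as a strong signal and a miss as no information, not as a clearance.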
Gathering info from DNS using nslookup
nslookup is a network-administration command-line tool for querying the Domain Name System to obtain the mapping between a domain name and an IP address, or other DNS records.
(For Windows)
Steps : -
1) Open cmd and enter the command "nslookup"; this drops you into its interactive prompt.
2) Enter the command "set type=a"; this asks for A records, which hold a computer's IP address. There are many other types you can set instead:
A: Specifies a computer's IP address.
ANY: Requests every record type held for the name (many resolvers now answer ANY with a minimal or refused response).
CNAME: Specifies a canonical name for an alias.
GID: Specifies a group identifier of a group name.
HINFO: Specifies a computer's CPU and type of operating system.
MB: Specifies a mailbox domain name.
MG: Specifies a mail group member.
MINFO: Specifies mailbox or mail list information.
MR: Specifies the mail rename domain name.
MX: Specifies the mail exchanger.
NS: Specifies a DNS name server for the named zone.
PTR: Specifies a computer name if the query is an IP address; otherwise, specifies the pointer to other information.
SOA: Specifies the start-of-authority for a DNS zone.
TXT: Specifies the text information.
UID: Specifies the user identifier.
UINFO: Specifies the user information.
WKS: Describes a well-known service.
3) Now type a domain name, e.g. google.com, and you will see the IP address(es) of Google's servers. Next enter "set type=cname" and query a hostname the same way. Note that a CNAME exists only on an alias name, so the bare domain will usually return no CNAME record; try a hostname that is an alias (for example a www or mail host of the target).
Explaining CNAME in short :- a CNAME record maps an alias hostname to its canonical name. CNAME records are frequently used for pointing many hosts to the same place and updating them easily. You can learn more about them here :- https://www.cloudns.net/wiki/article/13/
The same can be done on Parrot or Kali using dnsrecon, which goes further than nslookup (standard-record enumeration, zone-transfer attempts, reverse lookups over a range and subdomain brute-forcing). Read this article for a brief overview: https://pentestlab.blog/2012/11/13/dns-reconnaissance-dnsrecon/
You can also check the American Registry for Internet Numbers (ARIN), a website giving detailed allocation and contact information for IP addresses, for the IPs you get from nslookup. ARIN covers North America; the other regional registries (RIPE NCC, APNIC, LACNIC and AFRINIC) hold the same data for their regions, and the "whois" command queries them from the terminal.
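The steps above drive nslookup interactively. To see what it actually does on the wire, here is an added example (my code, not nslookup's and not from the original post) that builds a DNS query by hand, sends it to a resolver over UDP/53 and decodes A, AAAA, CNAME, NS, PTR, MX and TXT answers, including the compressed names that make DNS replies compact. The default resolver 8.8.8.8 is Google Public DNS; sample_response() is a constructed packet (www.example.com aliasing example.com at the TEST-NET address 192.0.2.10) so the parser can be checked offline.

```python
"""What nslookup does under the hood: build a DNS query, send it over UDP/53, decode the answer.

Added example for this post, not nslookup's code. lookup() needs network access;
parse_response() can be checked offline against the constructed packet from sample_response().
"""
import socket
import struct
import sys
from typing import List, Tuple

QTYPES = {"A": 1, "NS": 2, "CNAME": 5, "SOA": 6, "PTR": 12, "HINFO": 13,
          "MX": 15, "TXT": 16, "AAAA": 28, "ANY": 255}
TYPE_NAMES = {v: k for k, v in QTYPES.items()}


def encode_name(name: str) -> bytes:
    """www.example.com -> 3www7example3com0 (length-prefixed labels, zero terminated)."""
    labels = name.strip(".").split(".")
    return b"".join(bytes([len(label)]) + label.encode("ascii") for label in labels) + b"\x00"


def build_query(name: str, qtype: str, txid: int = 0x1234) -> bytes:
    """12-byte header (flags 0x0100 = recursion desired, one question) + question section."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack(">HH", QTYPES[qtype], 1)


def read_name(msg: bytes, off: int) -> Tuple[str, int]:
    """Decode a possibly compressed name; return (name, offset just past it in the message)."""
    labels, end, jumped = [], off, False
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:           # pointer to an earlier copy of the suffix
            if not jumped:
                end = off + 2               # the name occupies only these two bytes here
            off = struct.unpack(">H", msg[off:off + 2])[0] & 0x3FFF
            jumped = True
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels), (end if jumped else off)


def parse_response(msg: bytes) -> Tuple[int, List[Tuple[str, str, int, str]]]:
    """Return (rcode, [(owner, type, ttl, value), ...]) from the answer section."""
    _txid, flags, qdcount, ancount, _ns, _ar = struct.unpack(">HHHHHH", msg[:12])
    off = 12
    for _ in range(qdcount):                # skip the echoed question(s)
        _, off = read_name(msg, off)
        off += 4                            # qtype + qclass
    answers = []
    for _ in range(ancount):
        owner, off = read_name(msg, off)
        rtype, _rclass, ttl, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        if rtype == 1:
            value = ".".join(str(b) for b in rdata)
        elif rtype == 28:
            value = socket.inet_ntop(socket.AF_INET6, rdata)
        elif rtype in (2, 5, 12):           # NS / CNAME / PTR carry a (compressible) name
            value, _ = read_name(msg, off)
        elif rtype == 15:                   # MX: 16-bit preference, then a name
            pref = struct.unpack(">H", rdata[:2])[0]
            host, _ = read_name(msg, off + 2)
            value = f"{pref} {host}"
        elif rtype == 16:                   # TXT: sequence of <len><chars> strings
            parts, i = [], 0
            while i < rdlen:
                parts.append(rdata[i + 1:i + 1 + rdata[i]].decode("utf-8", "replace"))
                i += 1 + rdata[i]
            value = "".join(parts)
        else:
            value = rdata.hex()
        answers.append((owner, TYPE_NAMES.get(rtype, str(rtype)), ttl, value))
        off += rdlen
    return flags & 0xF, answers


def lookup(name: str, qtype: str, server: str = "8.8.8.8", timeout: float = 3.0):
    """Send one query to `server` (Google Public DNS by default) and decode the reply."""
    query = build_query(name, qtype)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(query, (server, 53))
        reply, _ = sock.recvfrom(4096)
    if reply[:2] != query[:2]:
        raise ValueError("transaction id mismatch: reply is not for our query")
    return parse_response(reply)


def sample_response() -> bytes:
    """Constructed reply to 'www.example.com A': CNAME to example.com, then its A record (192.0.2.10)."""
    header = struct.pack(">HHHHHH", 0x1234, 0x8180, 1, 2, 0, 0)            # QR, RD, RA, rcode 0
    question = encode_name("www.example.com") + struct.pack(">HH", 1, 1)   # name sits at offset 12
    cname = b"\xC0\x0C" + struct.pack(">HHIH", 5, 1, 300, 2) + b"\xC0\x10"  # rdata -> 'example.com' at offset 16
    a_rec = b"\xC0\x10" + struct.pack(">HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 10])
    return header + question + cname + a_rec


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "example.com"
    for qtype in ("A", "AAAA", "CNAME", "NS", "MX", "TXT"):
        try:
            rcode, answers = lookup(target, qtype)
        except (OSError, ValueError) as exc:
            print(f"{qtype}: query failed ({exc})")
            continue
        for owner, rtype, ttl, value in answers:
            print(f"{owner:<28} {rtype:<6} {ttl:>7} {value}")
        if not answers:
            print(f"{qtype}: no records (rcode {rcode})")
```

The transaction-id check is the minimum sanity test a client must do, since an unsolicited UDP packet with the right source port would otherwise be accepted as the answer; real resolvers also randomise the source port and the id rather than using a fixed 0x1234 as this example does.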
Here are some more tools for footprinting. They have very good documentation that you can learn from; if I explained them all here I would literally have to turn this blog into a decent-sized book.
Path Analyzer Pro :- "Path Analyzer Pro - the ultimate traceroute"
Path Analyzer Pro delivers advanced network route-tracing with performance tests, DNS, whois and network resolution to investigate network issues.
You can do a normal packet trace with the "tracert" command (traceroute on Linux/macOS), but this software gives you some more advanced features. The free version gives limited access.
1) Configure the type of information you want in the left pane of the software, enter the website URL "www.example.com" in the target field and press Enter.
2) Once you have hit Enter, go to the "Synopsis" tab (below the target text field, beside the "Report" tab); here you can see the gathered information.
FOCA := There is one more tool called FOCA (Fingerprinting Organisations with Collected Archives). It is used mainly to find metadata and hidden information in the documents it scans. These documents may be on web pages; FOCA downloads and analyses them.
These tools are easy to use and you can easily find them.
billcipher := There is one more tool called BillCipher; you can find it here := https://github.com/GitHackTools/BillCipher
It is an information-gathering tool for a website or IP address (terminal based).
Installation and usage are explained in an easy way, so you can refer directly to the link.
theHarvester := This is one of my favorite tools for gathering information about an organisation; it is available in Parrot and Kali. Given a target domain it collects e-mail addresses, employee names, subdomains and hosts from public sources such as search engines and LinkedIn, so you can also find the people working at a particular company.
I think that sums up the tools section; now let's jump right into Google Dorking.
Google Dorking
Google hacking, also called Google dorking, is a technique that uses Google Search (and other Google applications) to find security holes in the configuration and code of websites, by searching for things that should never have been indexed.
I suggest you go into incognito mode and use a VPN to stay safer. This isn't illegal, but it is still recommended.
Dorking in a nutshell is using special search syntax in Google's search engine to dig up valuable information: log files, configuration files and other things that are garbage to others but not to you. Look for anything you can get your hands on.
We are going to make Google return (show us) exactly the search results we want.
Open Google in your browser and let's move on to our first search.
1) cache: website url = used to see an older version of a particular website
eg: cache: www.example.com
You could see the copy of the page that Google cached the last time it crawled it and check whether it gives away anything useful. Note that Google has since retired the cache: operator and the cached-page links; for old versions of a page use the Internet Archive's Wayback Machine (web.archive.org) instead.
2) allintext:username filetype:log = finds indexed log files that contain the string "username" (allintext: requires every listed word to appear in the page body, filetype: restricts results to the given file extension). Such files were never meant to be public; they are simply lying in a web-served directory that Google crawled.
Usernames and passwords are pretty sensitive information and sometimes they get accidentally exposed this way: servers generate log files to keep track of their usage, so why not take a look?
Disclaimer :- Sometimes you may find real usernames and passwords for a particular website, and it might be tempting to use them. That is where you cross the line and get yourself into trouble, because it is highly illegal.
3) intitle:"index of" inurl:ftp = finds open directory listings (pages whose title is "index of") that have "ftp" somewhere in the URL, i.e. FTP-style file dumps exposed over HTTP.
The Google search operator intitle: searches for the string in the title of the page; put multi-word strings in quotes.
The operator inurl: looks only in the URL of the page.
4) intitle:"webcamXP 5" = finds devices, in this case webcamXP webcams, whose web interface is exposed to the internet, often with no password at all. Sometimes such pages are honeypots set up on purpose to attract people like you and push a download (e.g. a .swf file) at you; don't open anything such a page offers, and delete it right away if it does get downloaded, because it can be harmful.
5) db_password filetype:env = .env files hold an application's configuration, including database credentials; this finds ones that were left readable on a web server, i.e. passwords to a whole bunch of databases.
6) filetype:inc php -site:github.com -site:sourceforge.net = finds PHP include files (.inc) that a web server is serving as plain text, which usually exposes source code and sometimes credentials. The -site: terms exclude github.com and sourceforge.net, where such files are published on purpose, so that only misconfigured live sites remain.
So that is a gist of some widely used dorking techniques. If you do too much of it Google may flag you as a bot or a spider and hit you with a captcha; it doesn't happen often, but still. You can find more dorking methods online.
If you liked this, don't forget to follow me here, as I am going to post more hacking-related content (I am already working on it). Give this a like, as it takes a lot of time to create such content, and follow me on other platforms like Medium, Twitter, Insta, Github, my website etc.
Share this blog among your friends. Hope to see you in the next one, goodbye.