what is footprinting? Footprinting is the technique of gathering information about computer systems and the entities they belong to. This is done by employing various computer security techniques, such as:
- DNS queries
- Network enumeration
- Network queries
- Operating system identification
- Organizational queries
- Ping sweeps
- Organizational queries
- Point of contact queries
- Port Scanning
- Registrar queries (WHOIS queries)
- SNMP queries
- World Wide Web spidering
and much more.
Footprinting Methodologies are based on the following things which include collecting the following information:
Collecting Network Information such as domain name(Internal Domain Name), Network Blocks, IP Address of the reachable system, Rogue Website/Private Websites associated with it, TCP and UDP Services Running on it, Networking Protocol information, VPN Points associated with the host, ACLs, IDSes Running, Analog/Digital Tel. Numbers, Authentication mechanisms, Collect System Information such as their Users and Groups names, System Banners, Routing Banners, SNMP Information about the host, System architecture, Remote System Type, System Names and Passwords, Collect Organization’s Information, Employee Details, Organization’s Website, Company Directory Addresses and Phone Numbers
types of footprinting
their are two tipes of footprinting:
active footprinting and passive footprinting. active footprinting include gathering information using footprinting tools which we will get to know in upcoming lines, but, which includes: gathering info from online www(world wide web) which include everything menssioned in footprinting methadology.
passive footprinting includes gathering info from the people associated with such organisations such as their usernames, passwords and much more using non technical hacking(social engineering).
why footprinting is important?
footprinting in hacking or, footprinting in ethical hacking plays an important part because hear, we are gathering as much information as we can and, in hacking also we are doing the same..
for more details on footprinting and reconnaissance, i am going to provide you now, one pdf (footprinting and reconnaissance pdf)
you can find it from hear:
According to the Cambridge English Dictionary, reconnaissance definition(reconnaissance meaning) is: the process of getting information about enemy forces or positions by sending out small groups of soldiers or by using aircraft, etc is known as reconnaissance.
but, in reconnaissance in hacking means, getting as much as information about the target system using www(world wide web) by email hacking, dns hacking, and other such footprinting tools and techniques is known as reconnaissance in hacking.
importance of reconnaissance
now, you maby asking that, what are the importance of reconnaissance?
the importance of reconnaissance or, importants of footprinting or, importants of information gathering what you tell it is important in hacking because, hear: we gather information about target system, use it to create attacking strategies, and then use this information to exploit the system!
hear, i am going to provide you with some of the tools use in footprinting and reconnaissance.
Tools of Extract Data (Extract Information from Web Page)
Web Data Extractor
Web Data Extractor, a powerful and easy-to-use application which
helps you automatically extract specific information from web pages.
Spider Foot is a free, open-source, domain footprinting tool. Given one or multiple domain names (and when I say domains, I’m referring to the DNS kind of domains, not Windows domains), it will scrape the websites on that domain, as well as search Google for, Netcraft, Whois and DNS to build up information like:
- Sub domains
- Web server versions
- Users details
- Similar domains
- Email addresses
- Net blocks
RobTex is a software developer which was founded in 1989 developing all kinds of software. In recent years his main focus has been on Internet related software. Currently the most popular has been free tools like
and network explorer.
People Search Online Services
Pipl People Find
Yahoo People Search
Profile Search by Email
123 People Search
Public People Finder
http://www.publicpeoplefinder.comFootprinting through Search Engine
People Search on Social Networking Sites
Gathering Information from Financial Services
Monitoring Target using Alert
The web’s leading solution for monitoring your professional interests online.
Track the entire web for your topics and receive new results by daily email.
Google Alerts are email updates of the latest relevant Google results (web,
news, etc.) based on your choice of query or topic.
People Search on JOB Search Sites:
A broad definition of competitive intelligence is the action of defining, gathering, analyzing,
and distributing intelligence about products, customers, competitors and any aspect of the
environment needed to support executives and managers in making strategic decisions for an organization.
Key points of this definition:
- Competitive intelligence is an ethical and legal business practice, as opposed to industrial espionage which is illegal.
The focus is on the external business environment.
- There is a process involved in gathering information, converting it into intelligence and then utilizing this in business decision making. CI professionals erroneously emphasize
that if the intelligence gathered is not usable (or actionable) then it is not intelligence.
Competitive Intelligence brands and their websites:
- ABI/Inform `Global
3: Business Wire
Whois: Whois is a protocol used to find information about networks, domains and hosts which are hosted with WHOIS databases for domain registration information. By performing a simple WHOIS search you can discover when and by whom a domain was registered, contact information, and more.
Whois Lookup Tools
You Get Signal
MY IP Suite
Domain Hosting View
Whois Lookup Online Tools
Find Website Details using Command Prompt
nslookup is a network administration command line tool available for many computer operating systems for querying the Domain Name System (DNS) to obtain domain name or IP address mapping or for any other specific DNS record finding.
Find MX Record
nslookup -type=mx www.example.com
hear, in example.com, you need to enter the domain for which you need to find the mx records.
Find NS Record
nslookup -type=ns www.example.com
hear also, you need to enter in the place of example.com yourdomain.!
Find SOA Record
nslookup -type=soa www.example.com
Find A Record
nslookup -type=a www.example.com
Traceroute: Traceroute is the program that shows you the route over the network between two systems, listing all the intermediate routers a connection must pass through to get to its destination. It can help you determine why your connections to a given server might be poor, and can often help you figure out where exactly the problem is. It also shows you how systems are connected to each other, letting you see how your ISP connects to the Internet as well as how the target system is connected.
Trace Route tools
these were some of the footprinting tools!
note: we update our tutorials on regular bases. so, do not forget to bookmark it.!