2 powerful tools for new hackers (Kali)
The first step for a hacker attacking a network he doesn’t know is to footprint it.
What is FootPrinting?
In computer security, this technique is used when a hacker wants to gather information about a network or a person. We can call it the pre-attack phase; it’s like homework.
Types of FootPrinting
Hackers may take two approaches: active and passive. In the active approach, they use tools that might trigger the Intrusion Detection System (IDS), for example an nmap ping sweep. Passive footprinting is when the attacker browses the victim’s social media profiles and website, or simply uses a browser to gather information.
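As an added example (not part of the original post), this is the kind of check that makes a ping sweep visible to an IDS: count how many distinct hosts a single source pings within a short window. The log layout, addresses and thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log. The "time src dst proto type" layout is an assumption,
# not the format of any particular firewall or IDS.
SAMPLE_LOG = "\n".join(
    # 10.0.0.5 pings six different hosts in six seconds: a sweep.
    [f"2024-05-01T10:00:0{i} 10.0.0.5 192.168.1.{i + 1} ICMP echo-request" for i in range(6)]
    # 10.0.0.9 pings the same host six times: uptime monitoring, not a sweep.
    + [f"2024-05-01T10:00:0{i} 10.0.0.9 192.168.1.1 ICMP echo-request" for i in range(6)]
    # 10.0.0.7 pings five hosts one minute apart: a slow sweep.
    + [f"2024-05-01T10:0{i}:00 10.0.0.7 192.168.1.{i + 1} ICMP echo-request" for i in range(5)]
    + ["2024-05-01T10:00:01 10.0.0.5 192.168.1.1 TCP syn"]  # not ICMP, ignored
)


def detect_ping_sweeps(log_text, min_hosts=5, window=timedelta(seconds=10)):
    """Map each source to the most distinct hosts it pinged inside one window,
    keeping only sources that reach min_hosts."""
    pings = defaultdict(list)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[3:] != ["ICMP", "echo-request"]:
            continue  # skip malformed lines and non-ping traffic
        pings[fields[1]].append((datetime.fromisoformat(fields[0]), fields[2]))

    alerts = {}
    for src, events in pings.items():
        events.sort()
        start = best = 0
        for end, (ts, _) in enumerate(events):
            # Slide the window start forward until it covers at most `window`.
            while ts - events[start][0] > window:
                start += 1
            best = max(best, len({dst for _, dst in events[start:end + 1]}))
        if best >= min_hosts:
            alerts[src] = best
    return alerts


if __name__ == "__main__":
    print(detect_ping_sweeps(SAMPLE_LOG))
    # A wider window also catches the slow sweep, at the cost of more noise.
    print(detect_ping_sweeps(SAMPLE_LOG, window=timedelta(minutes=10)))
```

Counting distinct destinations rather than raw packets is what keeps the monitoring host, which pings one machine repeatedly, out of the alerts.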
Most common exploration points
The main attack vectors for a hacker are:
DIG (Domain Information Groper)
This tool queries DNS servers to gather information about a domain’s records.
dig facebook.com
By default this shows only the type A DNS records.
To ask for every type of DNS record, type:
dig facebook.com ANY
Many servers now answer ANY queries with only a minimal response (RFC 8482). You can also ask for a specific record type (TXT, CAA, MX, SOA…):
dig facebook.com TXT
A reverse lookup is also possible:
dig -x 8.8.8.8
Whois
As the name says, it tells you who a domain or IP address belongs to, so you can easily gather information about the owner, like this:
whois ipg.pt
Or you can use the IP address:
whois 193.137.232.9
In this case I searched for a local college and it showed me all the information I could get. But in the case of well-protected servers the information will be hidden, and you might just find this: