01 Footprinting Advance Book

Website Footprinting


The Wayback Machine (web.archive.org) is a digital archive of the World Wide Web. Since its launch in 2001, over 452 billion pages have been added to the archive. Users can enter a URL to view and interact with past versions of any website contained in the archive, even if the site no longer exists on the "live" web.


👉archive.org



1.  Netcraft.com

https://sitereport.netcraft.com/

Netcraft's automated detection operates around the clock to identify malicious websites as well as fraudulent domains, social media profiles, email campaigns and more.



2. Google Dorks

What is a Google Dork? Google dorking is a passive attack or hacking method involving the use of a custom query. Hackers use Google to identify websites with security vulnerabilities and/or sensitive information the attacker can use, usually for some malicious purpose.

  site:protechstart.com image

  inurl:

  intitle:

  filetype:

- gist.github.com/Stvenswafford/393c6ec7b5375d5e8cdc

- nfsec.pl/media/9hdb.pdf

- gbhackers.com/latest-google-droks-list/

- https://gbhackers.com/?s=latest+google+dorks+list

- https://gbhackers.com/latest-google-dorks-list/




3. Whois

   whois.icann.org/en

   protechstart.com

 

==> whois.domaintools.com/

whois.domaintools.com: research domain ownership with a WHOIS lookup; get ownership info, IP address history, rank, traffic.



whois.net

in.godaddy.com/whois/

What shows in the GoDaddy WHOIS directory?

The public GoDaddy WHOIS directory is a listing of all registered domains with corresponding information on domain registration, ownership and availability. Domain Privacy from GoDaddy is automatically added to eligible domains to protect your personal domain contact info.



enom.com/whois/

 


==> archive.org

   -> Shows old snapshots of any website

. haveibeenpwned.com

pra@smail.com

. builtwith.com

   -> Find out what websites are built with

 

7. Wappalyzer.com

   -> Browser extension



 

9. Centralops.net

. Domain Dossier

       -> IP, DNS, network

. Browser Mirror

       -> IP, domain

. Analyse Path

. MX Toolbox -> Mxtoolbox.com

. MX Lookup

. SMTP Test (port 25)

. SPF Lookup

. Domain Health Report

. Password Generator

. Subnet Calculator

   networks-tools.com

   tools.dnsstuff.com

 


     Gray Literature

      guides.library.cornell.edu/graylit

 

-stalkscan.com

  ->fB link Past profile.

.Alternative website

   graph.tips/beta/

   Peoplefindthor.dk/

   netbootcamp.org/facebook.html

 

b. Followerwonk.com

  -> Web-based Twitter analytics

.twitter.com/search-advanced

 www.exporttweet.com

 sleepingtime.org.

 

. Hunter.io /search

-> email info

. Alternative

   www.peoplelooker.com/email-lookup/

   domainbigdata.com

    tools.verifyemailaddress.io/

 

- Data Breach Record Search

-> Info: email (compromised), password is leaked

.dehashed.com

intelx.io

search.weleakinfo.com

leakedsourcr.r4.

 

. People Search

 . thatsthem.com

Alternative

 .pipl.com

 unfind.name

 publicrecords.directory

 www.SPYtox.com

 inteltechniques.com/menu/pages/person.tool.html

 

Faker.js (fake info)

https://cdn.rawgit.com/marak/faker.js/master/examples/browser/index.html

 

IT Device Default Credentials.

.Cirt.net/passwords

 routerpasswords.com

 open-sez.me

 hashes.org

 phenoelit.org/dpl/dpl.html

 

.Vulnerabilities Databases.

 https://world-webcams.nasspot.net/

         www.livefeomiceland.is

         www.insecam.org/

80,81

photo.wolfram Alpha 

        AI technology

www.wolframalpha.com

 

.suncalc    www.suncalc.org

sunduring.

 

.moon calc  www.mooncalc.org

 time frame of day

 moon during.

 

GTD (Global Terrorism Database)

    www.start.4md.edu/gtd/ -> all database info


*   Persona  Creation.

 

·        Faker.js

https://cdn.rawgit.com/Marak/faker.js/master/examples/browser/index.html

 

·        It generates random data including name, birth, address, phone, username, password, e-mail and avatar.

Alternative websites

·        https://www.fakenamegenerator.com

·        https://backgroundchecks.org/justdeleteme/fake-identity-generator/

·        https://randomuser.me/

The Invisible Internet Project (I2P)

https://geti2p.net/en/download

(Open Source Information Gathering)

·        Summary

www.osintframework.com

www.osint.link

www.inteltechniques.com

Advanced Information Gathering

·        Shodan

          -> Search engine for Internet-connected devices.

·        HoneyScore – Honeypot or Not

https://honeyscore.shodan.io/

                    -> IP to a score in the range 0.0 to 1.0

·        ICS Radar

https://ics-radar.shodan.io/

·        Shodan Exploits

https://exploits.shodan.io

Shodan search: apache city:"Jaipur"

Steps to Use Censys.io

www.censys.io

What servers & devices are exposed on my network?

          Example search

Censys: Port:22 AND Port:21

                IP address

CyberChef – The Cyber Swiss Army Knife

-> Used for encoding / decoding

https://gchq.github.io/CyberChef/

Recipe

          Here, input is – Hi I am Pradhyuman

          Output is – SGkg…

Encoding / Decoding

AES Encryption / Decryption

Key length 16 bytes = AES-128

Key length 24 bytes = AES-192

Key length 32 bytes = AES-256

AES Encryption

HEX to PEM

Generate QR Code

          -> Input – Hi I am Pradhyuman.

FOCA – Fingerprinting Organizations with Collected Archives

DNS, Web, IP, Robtex, DNS Prediction, Bing IP, Metadata Extraction, Network, …

FOCA

New Project

                             Test

                             www.protechstart.com

                             Path-Storage

Google Web

Creepy – Geolocation OSINT Tool

Download

          https://www.geocreepy.com/

Dmitry – Deep Magic Information Gathering Tool

·        Kali Linux

# dmitry

# dmitry -wis -o abc.txt www.protechstart.com

Sublist3r – Subdomain Discovery Tool

# git clone https://github.com/aboul3la/Sublist3r

# cd Sublist3r

# pip install -r requirements.txt

# python sublist3r.py -h

# python sublist3r.py -d google.com -e netcraft

# python sublist3r.py -d netcraft -b -t 50

-> Subdomain discovery with brute force.

___________

Recon-ng – Reconnaissance Framework

# sudo apt-get install recon-ng

# recon-ng

[recon-ng][default] > show modules

[recon-ng][default] > keys list

[recon-ng][default] > keys add <api_service> <api_key>

[recon-ng][default] > keys add shodan_api 1234353

[recon-ng][default] > use <module_name>

[recon-ng][default] > use discovery/info_disclosure/interesting_files

[recon-ng][default][interesting_files] > set SOURCE www.protechstart.com

SOURCE => www.protechstart.com

[recon-ng][default][interesting_files] > run

-> Shows all the website's files.

p0f – Passive Recon Tool

           # p0f -i eth0

-> Interface on which to capture the packets.

             Generate some traffic.

Sparta – A Recon Tool (GUI tool)

          # sparta

          Host to scan (ports, info……)

Netdiscover

          # netdiscover -h

# netdiscover -p -r <ip_range>

Maltego

Installing TIDOS

          git clone https://github.com/0xInfection/TIDoS-Framework

# nmap

# nmap -v -A scanme.nmap.org

# nmap -sS scanme.nmap.org

          -> Port scan

# nmap -sT scanme.nmap.org -p 0-100

# nmap -sU scanme.nmap.org

All 1000 Scanned ports on Scanme

# nmap -sY scanme.nmap.org

# nmap -v -sX scanme.nmap.org -p 0-500

 -> Performing XMAS scan
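Seen from the scanned host, the SYN, connect and XMAS scans in the notes above differ in the TCP flags the client sends. The following is an added example, not part of the original notes: a small detector that labels each source by those flag patterns. The packet tuples, the documentation-range IPs and the `min_ports` threshold are constructed assumptions.

```python
from collections import Counter, defaultdict

# Standard TCP header flag bits.
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
XMAS = FIN | PSH | URG

def label_port(flags):
    """Label one (source, port) conversation from the client's flag sequence."""
    first, rest = flags[0], flags[1:]
    if first == XMAS:
        return "xmas"                # FIN+PSH+URG probe (nmap -sX)
    if first != SYN:
        return "other"
    if not rest:
        return "syn-unanswered"      # closed/filtered port: same for -sS and -sT
    if rest[0] & RST:
        return "half-open"           # SYN, then RST after SYN/ACK (nmap -sS)
    if rest[0] == ACK:
        return "connect"             # handshake completed (nmap -sT)
    return "other"

def detect_scans(packets, min_ports=5):
    """packets: (src_ip, dst_port, tcp_flags) for client-to-server packets only.
    min_ports is a hypothetical threshold; tune it for the monitored host."""
    convo = defaultdict(lambda: defaultdict(list))
    for src, dport, flags in packets:
        convo[src][dport].append(flags)
    findings = {}
    for src, ports in convo.items():
        if len(ports) < min_ports:
            continue                 # too few distinct ports to call it a scan
        labels = Counter(label_port(seq) for seq in ports.values())
        labels.pop("syn-unanswered", None)   # ambiguous, so let open ports decide
        verdict = labels.most_common(1)[0][0] if labels else "syn-unanswered"
        findings[src] = (verdict, len(ports))
    return findings

# Constructed sample traffic (not captured from a real network).
SAMPLE = (
    [("198.51.100.7", p, XMAS) for p in range(1, 7)]
    + [("198.51.100.8", p, SYN) for p in range(20, 26)]
    + [("198.51.100.8", 22, RST)]
    + [("198.51.100.9", p, SYN) for p in range(20, 26)]
    + [("198.51.100.9", 22, ACK), ("198.51.100.9", 22, RST | ACK)]
    + [("203.0.113.5", 443, f) for f in (SYN, ACK, PSH | ACK)]
)

if __name__ == "__main__":
    for src, (verdict, n) in detect_scans(SAMPLE).items():
        print(f"{src}: {verdict} scan across {n} ports")
```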

Performing Service & Version Scan

# nmap -sS -sV scanme.nmap.org

OS Detection

# nmap -O -v scanme.nmap.org

Nmap Scripting Engine

# nmap -sC -p 21,25,80 -T4 Scanme….

               -> Scans only these ports

#hping3  -S  --flood  -V  -Scanme.nmap.org

Performing Smurf Attack Using hping3

#hping3  -1  --flood  -a  Scanme.nmap.org

Banner Grabbing with Nmap

# nmap -sV --script=banner -p 0-100 scanme.nmap.org

# curl -s -I scanme.nmap.org | grep -i -e "server"

# nc -v scanme.nmap.org 80

# dmitry -b 45.33.32.156

Enumeration

# enum4linux -h

# enum4linux -a 192.168.1.43

NULL SESSIONS

C:\Users\Pra> net use \\Pra\ipc$ "" /user:""

> net view \\pra

> net use s: \\pra\(shared folder name)

SNMP

# snmp-check -h

# snmp-check 192.168.1.2 -c public

          Nmap NSE Script

# sudo nmap -sU -p 123 -iL ntp_targ.txt --script ntp-info -Pn -n

# smtp-user-enum -h


Comments

  1. https://www.hackingarticles.in/remote-desktop-penetration-testing-port-3389/
    rdp host try hack
