What Is Information Gathering : Information Gathering - Cyber Thieve

 Information Gathering

Information gathering is the process of collecting as much information as possible about a target, which may be a machine or a person. It is the first step of penetration testing or hacking: all pentesters and hackers (black, grey and white hat) gather as much information as possible about the target or victim from any available source, whether online, offline or social. The more relevant information we gather about the target, the higher the probability of a successful attack. It is a method used by analysts to determine the needs of customers and users. Techniques that provide safety, utility, usability, learnability, etc. for collaborators result in their collaboration, commitment, and honesty. Various tools and techniques are available, including public sources such as Whois and nslookup, which can help hackers gather user information. This step is very important because attacks on any target require information about it, such as the victim's pet name, best friend's name, age, or phone number, which is used for password guessing (brute force) or other kinds of attacks.





What is personal data?

Personal data is any information relating to a natural person who is identified or who can be identified, directly or indirectly, by reference to an identification number or to one or more elements that are specific to that person.

OSINT :

The Internet is an ocean of data, and the information is easily accessible to all. Some malicious people use this information for malicious activity. There is a lot of information about you online, provided either directly (your social media profiles and the forms you fill in to create login accounts on the internet) or indirectly, through what you upload or fill in.
OSINT, or "Open Source Intelligence", is an intelligence method based on information that is accessible to all and not classified. Sources include:

  • Media such as newspapers, radio, television
  • Social networks (Facebook, LinkedIn, Instagram, Twitter ...), blogs, forums
  • Public documents, including official government reports such as budgets, press conferences, demographics, contract awards
  • Academic sources, including articles, conferences, symposiums, etc.
  • Observations and reports.
  • The dark web and the deep web

Information gathering can be classified into the following categories: 

  • Footprinting
  • Scanning
  • Enumeration

Footprinting :

Footprinting is the technique of collecting as much information as possible about the targeted network/victim/system. It helps hackers in various ways to bypass the organization's system.

Footprinting can be classified into two parts:

  • Passive Footprinting :

Passive footprinting is collecting information about the target anonymously.

Passive footprinting techniques include:
  • Finding the top-level domains (TLDs) and sub-domains of a target through web services
  • Gathering location information on the target through web services
  • Performing people search using social networking websites and people search services
  • Stealing financial data about the target through various financial services
  • Gathering infrastructure details of the target organization through job sites
  • Monitoring the target using alert services
  • Gathering information using groups, forums, and blogs
  • Determining the operating systems in use by the target organization
  • Extracting information about the target using Internet archives
  • Performing competitive intelligence
  • Finding information through search engines
  • Monitoring website traffic of the target
  • Tracking the online reputation of the target
  • Gathering information through social engineering on social networking sites

  • Active Footprinting :

Active footprinting is collecting information about the target system through direct interaction. With this technique, the targeted person or organisation may recognise that someone is gathering information about them.


Active Footprinting techniques include :

  • Querying published name servers of the target
  • Extracting metadata of published documents and files
  • Stealing a lot of website information using various types of mirroring and web spidering tools
  • Gathering information through email tracking
  • Performing Whois lookup
  • Extracting DNS information
  • Performing traceroute analysis
  • Performing social engineering
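
Because active footprinting touches the target's own systems, it leaves traces the target can look for. The following added example (not from the original post) scans web server access logs for mirroring or spidering clients, flagging known tool User-Agents and bursts of distinct paths from one address; the log lines, thresholds and function names are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<path>\S+) [^"]*" '
    r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"')
# Default User-Agent substrings of common mirroring/spidering tools.
TOOL_UA = re.compile(r"httrack|wget|scrapy", re.I)

def sample_log():
    """Constructed access-log lines using documentation IP ranges; not real traffic."""
    fmt = '{} - - [10/Mar/2024:10:00:{:02d} +0000] "GET {} HTTP/1.1" 200 512 "-" "{}"'
    rows = [("198.51.100.20", s * 20, p, "Mozilla/5.0")           # ordinary visitor
            for s, p in enumerate(["/", "/about", "/contact"])]
    rows += [("203.0.113.7", s, f"/docs/page{s}.html",             # mirroring tool
              "Mozilla/4.5 (compatible; HTTrack 3.0x; Windows 98)") for s in range(8)]
    rows += [("192.0.2.44", s * 2, f"/staff/{s}", "Mozilla/5.0")   # spoofed browser UA
             for s in range(8)]
    return "\n".join(fmt.format(*r) for r in rows)

def find_crawlers(log_text, window=timedelta(seconds=60), max_paths=5):
    """Return {ip: set of reasons} for clients that behave like site mirroring tools."""
    hits = defaultdict(list)       # ip -> [(timestamp, path), ...]
    findings = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue               # skip lines that are not in combined log format
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        hits[m["ip"]].append((ts, m["path"]))
        if TOOL_UA.search(m["ua"]):
            findings[m["ip"]].add("tool-user-agent")
    for ip, events in hits.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the window so it never spans more than `window` of time.
            while events[end][0] - events[start][0] > window:
                start += 1
            if len({path for _, path in events[start:end + 1]}) > max_paths:
                findings[ip].add("many-distinct-paths")
                break
    return dict(findings)

if __name__ == "__main__":
    for ip, reasons in find_crawlers(sample_log()).items():
        print(ip, sorted(reasons))
```

The third client in the sample sends a browser User-Agent, so only the distinct-path check catches it; a User-Agent match alone is easy to evade.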

Tools for information gathering

NOTE: There are many tools in Kali Linux for information gathering; here I am showing some well-known tools.

Google Hacking :

A Google Dork query is a search query that uses advanced search operators to find information on a website that is not available through a traditional search. This simplifies and clarifies searches.

Mainly used to obtain:

  • Email lists.
  • Usernames and passwords.
  • Sensitive documents.
  • Personal, transactional or financial information.
  • Vulnerabilities of websites, servers or plugins.

Shodan :

Shodan is a search engine designed to map and gather information about internet-connected devices and systems. Shodan is sometimes referred to as a search engine for the internet of things (IoT).

Whois :

Whois is a search service provided by internet registries, such as regional internet registries (RIRs) or domain name registries, used to obtain information about an IP address or a domain name.

The Harvester :

This is a Linux tool used to gather information such as email addresses, subdomains, hosts, employee names, open ports and banners from different public sources like search engines.

Nmap :

Nmap is one of the most used tools in the world of security.
It is a free port scanner created by Fyodor and distributed by Insecure.org. It is designed to detect open ports, identify hosted services, and obtain information about the operating system of a remote computer.

Maltego :

Maltego is open source software that makes it easy to find, and visualise, public information such as the different e-mail addresses of a person, phone numbers that may be associated with them, IP addresses, DNS, mail servers, web hosts, employees of a company and many other things.

SpiderFoot : 

SpiderFoot is a reconnaissance tool that automatically queries over 100 public data sources (OSINT) to gather intelligence on IP addresses, domain names, e-mail addresses, names and more. 

You simply specify the target you want to investigate, pick which modules to enable and then SpiderFoot will collect data to build up an understanding of all the entities and how they relate to each other.


Checkusernames :

Checkusernames is a free service that can search for your query on more than 160 social media network platforms.

Lullar :

Lullar is a search engine that helps you find people's user profiles in different places.

Objective of Footprinting :

Collect Network Information : 

Domain name, Internal domain names, IP addresses of the reachable systems, Access Control Mechanisms, protocols used, existing VPNs, analog and digital telephone numbers, authentication mechanisms, and system enumeration.

Collect System Information : 

User and group names, system banners, routing tables and the routing protocols in use, SNMP information, system architecture, operating system used, remote system type, usernames, and passwords.

Collect Organizations' Information : 

Employee details, organization's website, company directory, local details, address and phone numbers, comments in HTML source code within an organization's website, security policies implemented, web server links relevant to the organization, news articles and press releases.
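
An organisation can check what its own pages give away before someone else reads them. This added example (not part of the original post) audits HTML comments for e-mail addresses, private IP addresses, internal host names and credential-related words; the sample page, patterns and names are assumptions chosen for illustration.

```python
import re
from html.parser import HTMLParser

# Patterns for details that should not ship in public page source (illustrative set).
CHECKS = {
    "email": re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"),
    "private-ip": re.compile(
        r"\b(?:10\.\d{1,3}|192\.168|172\.(?:1[6-9]|2\d|3[01]))(?:\.\d{1,3}){2}\b"),
    "internal-host": re.compile(
        r"\b[\w-]+(?:\.[\w-]+)*\.(?:internal|corp|local|lan)\b", re.I),
    "credential-word": re.compile(
        r"\b(?:passw(?:or)?d|pwd|api[_-]?key|secret|token)\b", re.I),
}

# Constructed sample page; hosts and addresses are placeholders, not real systems.
SAMPLE_PAGE = """<html><head><title>Example Corp</title></head>
<body>
<!-- TODO: remove test login, password is in wiki; ask ops-oncall@example.com -->
<h1>Welcome</h1>
<!-- served by build01.corp.example.internal (10.20.30.40) -->
<p>Contact us at sales@example.com</p>
<!-- layout v2 -->
</body></html>"""

class CommentAudit(HTMLParser):
    """Collects (line, check name, matched text) for every hit inside a comment."""
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_comment(self, data):
        line, _ = self.getpos()          # line on which the comment starts
        for name, pattern in CHECKS.items():
            for match in pattern.finditer(data):
                self.findings.append((line, name, match.group(0)))

def audit_html(html):
    """Return the findings for one HTML document; visible text is not inspected."""
    parser = CommentAudit()
    parser.feed(html)
    parser.close()
    return parser.findings

if __name__ == "__main__":
    for line, name, text in audit_html(SAMPLE_PAGE):
        print(f"line {line}: {name}: {text}")
```

The published contact address in the visible paragraph is intentionally not reported; only comments, which readers of the rendered page never see, are audited.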
