Lesson 04 : Getting started with Hacking

The objective of Footprinting is to collect as much information about the system and the user as possible.

Footprinting can be done via a lot of different methods :

1. Footprinting through Social Media - the attacker will create fake accounts/ids and tries to gather as much as possible information about the target person or organization.
2. Footprinting through Search Engines like Bing, Google, and DuckDuckGo - attackers go through Search History, look for cache and archives. A few tools that are used are Netcraft and Shodan.
3. Footprinting through Job sites - hackers will look for what tools and technology the organization are using.
4. Google Hacking databases and Advance search queries - Query string can be used in search and can be used as keywords. Also, Google Advance Search Operators can be utilized. For example “intitle index of” list down all the sites with open index, which basically lists down all the files and URLs available for that website. [securityfocus.com, hackersforcharity.org/ghdb are two such websites where you can get most of the info.]
5. Website Footprinting is monitoring the target organization's website. Web server details, directory structure, developer's Email ID are some of the common things a hacker looks for. Backdated website information can be extracted from archive.org.
6. Email tracking is used to track emails. Emails are used to gather information in order to perform social engineering and many other attacks.
7. WHOis - hackers use WHOis to get the details like IP Address, Address, Server Location, etc. about a specific domain. (https://whois.com/whois)