2.2.1 Footprinting through Search Engines

Footprinting through Search Engines

  • Attackers use search engines to extract information about a target such as technology platforms, employee details, login pages, intranet portals, etc. which helps in performing social engineering and other types of advanced system attacks.
  • Search engine caches and internet archives may also provide sensitive information that has been removed from the World Wide Web (WWW).

Finding Company's Public and Restricted Websites

  • Search for the target company's external URL in a search engine such as Google, Bing, etc.
  • Restricted URLs provide an insight into different departments and business units in an organization.
  • You may find a company's restricted URLs by trial and error method or using a service such as http://www.netcraft.com

Determining the Operating System

  • Use the Netcraft tool to determine the OSes in use by the target organization.
  • Use SHODAN search engine that lets you find specific computers (routers, servers, etc.) using a variety of filters.

或是Censys, https://www.censys.io/

Collect Location Information

  • Use Google Earth tool to get the physical location of the target.
  • Tools for finding the geographical location:
    • Google Earth
    • Google Maps
    • Wikimapia
    • National Geographic Maps
    • Yahoo Maps
    • Bing Maps

People Search: Social Networking Sites/People Search Services

  • Social networking sites are the great source of personal and organizational information.
  • Information about an individual can be found at various people search websites.
  • The people search returns the following information about a person or organization:
    • Residential addresses and email addresses
    • Contact numbers and date of birth
    • Photos and social networking profiles
    • Blog URLs
    • Satellite pictures of private residencies
    • Upcoming projects and operating environment

People Search Online Services

Gather Information from Financial Services

  • Financial services provides a useful information about the target company such as the market value of a company's shares, company profile, competitor details, etc.

Footprinting through Job Sites

  • You can gather company's infrastructure details job postings.
  • Look for these:
    • Job requirements
    • Employee's profile
    • Hardware information
    • Software information

Monitorming Target Using Alerts

Information Gathering Using Groups, Forums, and Blogs

  • Groups, forums, and blogs provide sensitive information about a target such as public network information, system information, personal information, etc.
  • Register with fake profiles in Google groups, Yahoo groups, etc. and try to join the target organization's employee groups where they share personal and company information.
  • Search for information by Fully Qualified Domain Name (FQDN), IP addresses, and usernames in groups, forums, and blogs.

results matching ""

    No results matching ""