Information gathering is gain any information of an organization or a person . Sometimes, Information Gathering need some “soft skills” and social engineering method. There is a lot of choice of information gathering such as phishing, reconnaissance and social engineering via phone.
Below are some of the tricks to gain information via website:
Passive Recon
Passive Recon is add-ons that gather all information on the website that you wanted to know. If you wanted to download the add-ons, can been found at https://addons.mozilla.org/en-US/firefox/addon/6196 The function of the Passive Recon is such as DNS-AS-SERVER Version Info, Email Addresses and Files such as DOC, PDF and etc. To use the Passive Recon, it can been seen as below:
Live HTTP Header
The Live HTTP Header is usually been used for help debugging the web application, See which kind of web server the remote site is using and also see the cookies sent by the remote site. To download it, can be found at https://addons.mozilla.org/en-US/firefox/addon/3829 Besides doing above function, the Live HTTP Header also look in HTTP header for modification such as BIGipServerOS in cookie, Connection:close and Connection:close An example of the Live HTTP headers demo is such as below:
Shodan Website
Shodan is a computer search engine designed by web developer John Matherly (http://twitter.com/achillean). Shodan is much different than content search engines like Google, Yahoo or Bing although it’s a search engine. Shodan will be interrogates ports and grabs the resulting banners, then indexes the banners for searching. Shodan also been designed to help the user find specific nodes such as desktops, servers, routers, switches and etc.
The main page for the Shodan is as below which the Shodan website located at http://www.shodanhq.com For Security Consultant, they need requires some basic knowledge of banners including HTTP status codes, Banners advertise service and version and banner can be spoofed.
Archive
Archive is a website that will take you back into the date that website been published. Security Consultant can see what the old website look like and they can also look how much modification has been made to the website.
No responses yet