Differences Between Active and Passive Information Gathering

M3m0ry

Senior Member
3 Jun 2017
Information Gathering

Information gathering means collecting information about the target person. We must search for vulnerabilities, draw up the necessary plans and not leave a trail. Information gathering can be examined in two parts.

Active Information Gathering

We need to communicate with our target for active information gathering. We are making direct communication with the target, so we should use a VPN. You can get critical data and information by communicating with the target, but we can get caught because of logs.


Some Active Information Gathering Tools:

Nmap: You can get critical data and information about the target, and you can find ports that have vulnerabilities by using Nmap in detail. It sends ARP and ping packets to the target, so you should use a VPN or ProxyChains.


Dnsenum: You can easily see subdomain names, server host addresses, etc. about your target.


WhatWeb: You can see extensions, cookies and script information with this tool.


Goofile: You can find various documents (.txt, .pdf, .html, .doc) on a website with this tool.


Passive Information Gathering

You don't need to communicate with the target while you're performing passive information gathering, and there are no logs. This information is generally obtained from websites like whois. You can find the system's e-mail servers, domain logs, and the saved phone and address information connected to the domain without leaving trails.


Some Passive Information Gathering Tools:

Google: You can do detailed searching and vulnerability scanning with dork scans via the Google search engine's index data.


Bing: It lists the websites that belong to the IP address we type with the ip: command.


Whois Interrogation: You can use this for gathering information about a domain. You can see the IP, server and database of the target. Also, you can see the domain's registration and expiry dates.


Archive.org: This website archives websites and documents. You can find any website's deleted data and old images with Archive.org.


Shodan: It is a search engine. This website captures the ports, OS, locations and vulnerabilities of all devices that are connected to the internet.


Pipl: You can do a personal search with this website. It searches using the target's name, surname, country and city information.


Social Media: People share everything here. You can easily get the address, e-mail, phone number and personal data of the target.


Differences Between Active and Passive Information Gathering

You connect to the system while you are gathering information actively. So, while you are sending packets, it will save logs, and you can get caught.

You don't connect while you are gathering information passively, so you can't get caught. With active information gathering, we can gather most of that information as well as with the passive one.

The most popular and safest information gathering method is passive information gathering.
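
From the defender's side, the logging described above is what makes active scanning visible. The following is an added example, not part of the original post: it flags any source that probes many distinct ports on one host within a short window. The log layout, sample lines, function name and thresholds are all constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample connection log (assumed layout: ISO time, src IP, dst IP, dst port).
# All addresses come from the RFC 5737 documentation ranges.
SAMPLE_LOG = """\
2024-01-01T10:00:00 198.51.100.7 192.0.2.10 443
2024-01-01T10:00:01 203.0.113.5 192.0.2.10 21
2024-01-01T10:00:01 203.0.113.5 192.0.2.10 22
2024-01-01T10:00:02 203.0.113.5 192.0.2.10 23
2024-01-01T10:00:02 203.0.113.5 192.0.2.10 25
2024-01-01T10:00:03 203.0.113.5 192.0.2.10 80
2024-01-01T10:00:03 203.0.113.5 192.0.2.10 443
2024-01-01T10:00:04 198.51.100.7 192.0.2.10 443
2024-01-01T10:01:00 198.51.100.9 192.0.2.10 80
2024-01-01T10:02:00 198.51.100.9 192.0.2.10 443
2024-01-01T10:03:00 198.51.100.9 192.0.2.10 22
2024-01-01T10:04:00 198.51.100.9 192.0.2.10 25
2024-01-01T10:05:00 198.51.100.9 192.0.2.10 8080
truncated line
"""

def find_port_sweeps(log_text, min_ports=5, window=timedelta(seconds=10)):
    """Return {(src, dst): peak distinct ports inside `window`} for every pair
    that reached at least `min_ports` distinct destination ports.
    Assumes the log lines are in chronological order."""
    recent = defaultdict(deque)  # (src, dst) -> (time, port) events still in the window
    flagged = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # malformed or truncated line
        ts, src, dst, port = parts
        try:
            when, port = datetime.fromisoformat(ts), int(port)
        except ValueError:
            continue  # unparsable timestamp or port
        events = recent[(src, dst)]
        events.append((when, port))
        while when - events[0][0] > window:
            events.popleft()  # drop events older than the window
        distinct = len({p for _, p in events})
        if distinct >= min_ports:
            flagged[(src, dst)] = max(flagged.get((src, dst), 0), distinct)
    return flagged

if __name__ == "__main__":
    for (src, dst), ports in find_port_sweeps(SAMPLE_LOG).items():
        print(f"possible port sweep: {src} -> {dst}, {ports} distinct ports in 10 s")
```

With the default thresholds only 203.0.113.5 is reported; the client that repeats port 443 and the malformed line are ignored.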



 