IT Consulting | Online Security | Network Security | Computer Security

PART 1: DISCOVERY

TROJAN HORSE SECURITY IS TEACHING THESE CONCEPTS FOR EDUCATIONAL PURPOSES ONLY. WE DO NOT CONDONE ILLEGAL HACKING. TROJAN HORSE SECURITY CONSULTANTS ARE HIRED AS ETHICAL HACKERS AT THE REQUEST OF ORGANIZATIONS WITH PERMISSION TO HACK THEIR NETWORKS AND SYSTEMS.

Before we touch the target network and give ourselves away, we want to conduct a lot of footprinting. A ton of information about an organization can be discovered from basic Internet searches and basic network requests. Sometimes we can find sensitive information that is being leaked onto the Internet without the organization knowing it!

Then, when we do touch the network, we want to act like every other user, gently probing for data.

When we do start running port scans on the Internet-facing systems, we'll already know quite a bit about the company and know what to look at.

Click on the links below to learn some specific techniques in footprinting and discovery:

Discovering IP Ranges Owned by an Organization

Querying DNS - fierce, nslookup, zone file xfr

Netcraft

Google Searches

Who works there?

Social Media

Code Repositories

Message Boards

Searching for email addresses

Searching for telephone numbers

Port Scanning / Ping scan

Websites - WGET