Gathering Information

Contents
• Information gathering

• Whois Lookup
• Reverse Lookup
• Have I pwned
• Truecaller
• Hunter.io
• Netcraft/Wapperlyzer
• OSINT Tools
• Wayback Machine
• Being anonymous in Internet
• Windows hacking
• NMAP
• Lazy Framework
• Introduction about burpsuite
• Bonus : Grabify-ip, netcut
 Information Gathering
• Whois Lookup
• A WHOIS lookup is a way for you to search the public database for
information about a specific domain, such as the expiration date,
current registrar, registrant information, etc.
• Website : https://whois.domaintools.com/
• Website : https://www.whois.net/

• Whois database is maintained by ICANN (Internet Corporation for

Assigned Names and Numbers)
• Website : https://www.icann.org/
• Organizations connected with WHOIS Database ;

• IANA - https://www.iana.org/

• APNIC - https://www.apnic.net/

• IRINN - https://www.irinn.in/
 Reverse Lookup
• Reverse lookup will help us to find the websites co-hosted in
our target server using the IP Address of the target, which will
help the attacker to gain unauthorized access in the server if
there is a vulnerable domain.

• Tool : https://hackertarget.com/reverse-ip-lookup/
 Truecaller
• Truecaller is a smartphone application that has features of
caller-identification, call-blocking, flash-messaging, call-
recording, Chat & Voice by uses the internet. For a hacker
truecaller is also a treasure box because we can find an
approximate location of the user.

• Web : https://www.truecaller.com/
 Hunter
• Hunter lets you find email addresses in seconds using
company name or domain.
• By capturing E-Mail address we can check for password
leaks.

• Web : https://hunter.io/
 Have I been pwned
• Have I been pwned is a website which will provide us
information about breaches

• Website : https://haveibeenpwned.com/
 Netcraft
• Netcraft is an internet services company based in the United
Kingdom which provides internet security services. But we are
using the Netcraft Sitemap Tool, Using this tool an attacker
can gather as much as information about a website.

• Web : https://sitereport.netcraft.com/
 Wappalyzer
• Wappalyzer is a technographics data provider, uncovering
technologies such as content management systems, customer
relationship management, ecommerce platforms, advertising
networks, marketing tools and analytics.

• https://www.wappalyzer.com/lookup
• Wappalyzer also have a browser extension which help us to look
into the technologies of any website in a matter of seconds

• Chrome:
https://chrome.google.com/webstore/detail/wappalyzer/gppongmhjk
pfnbhagpmjfkannfbllamg

• Firefox : https://addons.mozilla.org/en-US/firefox/addon/wappalyzer/
 OSINT Tools
• Shodan
• Shodan is Search Engine used to find out devices which are
connected in internet
• Web :https://www.shodan.io/
• Nslookup
• Nslookup is a tool used to find DNS information of a domain it is
Inbuilt in Kali Linux
• OSINT Framework
• It is a collection of websites which can be used to gather information
web : https://osintframework.com/
• theHarvester
• The Harvester is a tool used to gather emails from domain. It is
Inbuilt in Kali Linux
• Builtwith
• It is website used to find the technologies used to develop a website
web : https://builtwith.com/
• Webcam Taxi
• It is a website with the collection of webcam around the world
web : https://www.webcamtaxi.com/
 Wayback Machine
• Suppose we need an information on a website which was
present in previous years but not now so this comes to the
rescue.
• Web : https://archive.org/web/
 Being anonymous in Internet
• IP (Internet Protocol)
• IP address. An Internet Protocol address (IP address) is a numerical
label assigned to each device connected to a computer network that
uses the Internet Protocol for communication.
• MAC (Media Access Control)
• MAC address or Media Access Control address is the physical address
of NIC(Network Interface Controller) card. Using the MAC address we
can identify a device in our local area network because MAC address
are always unique.
 How to be anonymous?
• Proxy
• In computer networking, a proxy server is a server application or
appliance that acts as an intermediary for requests from clients
seeking resources from servers that provide those resources.
• Proxy Switcher : https://www.proxyswitcher.com/

• VPN
• VPN lets its users send and receive data as if their devices were
connected to the private network – even if they’re not.
• VPN will create a private network in the public network
• Hide.me VPN : https://hide.me/en/software/windows