Types of Information Gathered via Footprinting

Finding the level of risk connected with the organization's publicly available information is a crucial component of footprinting. Footprinting, also known as the preparatory phase is the first step in ethical hacking. The reconnaissance or footprinting part has the most weightage in the phases of hacking almost above 50%, making it the most crucial and vital. Information can be divided into three categories (may vary) organization, network and system. 

Organizational Information

Attackers may use this information to locate important individuals and undertake social engineering attacks in order to steal sensitive information.  Whois database may contain obtain valuable information. 

  • Employee details (employee names, contact addresses, designations, and work experience)
  • Addresses and mobile/telephone numbers
  • Branch and location details
  • Partners of the Organization
  • Web links to other company-related sites
  • Background of the organization
  • Web technologies
  • News articles, press releases, and related documents
  • Legal documents related to the organization
  • Patents and trademarks related to the organization 

Network Information

This information can be gathered via Whois database analysis, trace routing, and so on. 
  • Domain and sub-domains
  • Network blocks
  • Network topology, trusted routers, and firewalls
  • IP addresses of the reachable systems
  • Whois records
  • DNS records and related information

System Information

This information can be gathered via DNS, website, email and other types of footprinting methods. 
  • Web Server OS
  • Location of Web Servers
  • Publicly available email addresses
  • Usernames, passwords, and so on. 

You might be also interested in,

We hope this helps. If any suggestions or doubts you can add a comment and we will reply as soon as possible.

No comments:

Post a Comment