Information Gathering

Information gathering is the first step of ethical hacking, in which penetration testers, and attackers too, gather information about their target. To increase your chances of a “successful” hack, you need to be thorough and spend time on this stage.

Steps of information gathering:

1. Enumerating content and functionality (with the help of manual browsing).

2. Automated spidering of the website (to discover new content).

3. Discovering hidden content: to discover hidden files we use brute-force techniques, sending a huge number of requests to the web server in an attempt to guess the names or identifiers of hidden functionality. Here you have to look for:

      • Backup copies of live files
      • Backup archives
      • New functionality
      • Default application functionality
      • Old versions of files that have not been removed from the server
      • Configuration and include files containing sensitive data
      • Comments in source code
      • Log files

4. Use of public information: two main types of publicly available resources are useful here:

      • Search engines (advanced Google dorking)
      • Web archives such as the Wayback Machine: https://archive.org/web/

5. Discovering hidden parameters.

6. Analyze the application: in this phase you have to enumerate:

      • The core mechanisms and how they function (user registration, password change, account recovery)
      • All the different locations at which the application processes user-supplied input (every URL, item of POST data, cookie)
      • What technologies it is using
      • Any other details about its internal structure

7. Identify entry points for user input. Look for:

      • Every URL string
      • Every parameter
      • Every cookie
      • Every POST request

8. Identify server-side technologies: banner grabbing and fingerprinting (service + version).

9. Information through file extensions: the file extensions used within URLs often disclose the platform or programming language used to implement the relevant functionality.

10. Information through directory names:

      • servlet: Java servlets
      • pls: Oracle Application Server PL/SQL gateway
      • rails: Ruby on Rails

11. Information through session tokens:

      • JSESSIONID: the Java platform
      • ASPSESSIONID: Microsoft IIS server
      • PHPSESSID: PHP

12. Analyze third-party code components.
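Step 3 seen from the defender's side, as an added example that is not part of the original post: hidden-content guessing leaves a burst of 404 responses in the access log, and any guessed backup, config or log name that came back 200 is a file to remove from the web root. The log lines, thresholds and filename patterns are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed access-log lines (common log format, documentation-range IPs).
SAMPLE_LOG = """\
198.51.100.20 - - [10/Mar/2024:10:00:00 +0000] "GET / HTTP/1.1" 200 5120
198.51.100.20 - - [10/Mar/2024:10:00:02 +0000] "GET /login.php HTTP/1.1" 200 2310
198.51.100.20 - - [10/Mar/2024:10:00:05 +0000] "GET /favicon.ico HTTP/1.1" 404 153
203.0.113.7 - - [10/Mar/2024:10:01:00 +0000] "GET /index.php.bak HTTP/1.1" 404 153
203.0.113.7 - - [10/Mar/2024:10:01:00 +0000] "GET /index.php~ HTTP/1.1" 404 153
203.0.113.7 - - [10/Mar/2024:10:01:01 +0000] "GET /backup.zip HTTP/1.1" 404 153
203.0.113.7 - - [10/Mar/2024:10:01:01 +0000] "GET /site.tar.gz HTTP/1.1" 404 153
203.0.113.7 - - [10/Mar/2024:10:01:02 +0000] "GET /config.inc HTTP/1.1" 200 842
203.0.113.7 - - [10/Mar/2024:10:01:02 +0000] "GET /admin_new/ HTTP/1.1" 404 153
203.0.113.7 - - [10/Mar/2024:10:01:03 +0000] "GET /error.log HTTP/1.1" 404 153
203.0.113.7 - - [10/Mar/2024:10:01:03 +0000] "GET /login.php.old HTTP/1.1" 404 153
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (\S+) [^"]*" (\d{3}) ')
# Assumed name patterns for the artifact classes in step 3; tune per site.
ARTIFACT_RE = re.compile(r'(\.(bak|old|orig|zip|tar|tgz|gz|sql|log|inc|conf|ini)|~)$', re.I)

def find_content_guessers(log_text, min_misses=5, min_miss_ratio=0.8):
    """Flag clients whose traffic is mostly 404s and list artifacts they were served."""
    stats = defaultdict(lambda: {"total": 0, "misses": 0, "exposed": set()})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, path, status = m.group(1), m.group(2).split("?", 1)[0], int(m.group(3))
        s = stats[ip]
        s["total"] += 1
        if status == 404:
            s["misses"] += 1
        elif status == 200 and ARTIFACT_RE.search(path):
            s["exposed"].add(path)  # a guessed backup/config/log name that exists
    findings = {}
    for ip, s in stats.items():
        if s["misses"] >= min_misses and s["misses"] / s["total"] >= min_miss_ratio:
            findings[ip] = {"misses": s["misses"], "total": s["total"],
                            "exposed": sorted(s["exposed"])}
    return findings

if __name__ == "__main__":
    for ip, f in find_content_guessers(SAMPLE_LOG).items():
        print(ip, f)
```
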

By Abhishek
