![Sam spade tool](https://kumkoniak.com/19.jpg)
Information gathering, also known as footprinting or reconnaissance, is the first step of security testing of any target, and it is used by both hackers and security professionals. Sometimes information gathering is enough for a hacker to break into a system.

Difference Between Passive and Active Information Gathering

Footprinting can be passive or active. Passive footprinting involves collecting information without the owner knowing it, while active footprinting leaves tracks and alerts the sensors on the target.

Generally, there are 3 types of information that can be identified by information gathering:

- Network Information: such as domain name, IP addresses, websites, protocols used, VPNs, authentication mechanisms, and list of network systems.
- System Information: such as users, system banners, SNMP information, system architecture, operating systems, usernames, and passwords.
- Organizations' Information: such as employee details, organization's website, local details, address and phone numbers, security policies implemented, social media posts, news articles, and press releases.

![Sam Spade tool](http://1.bp.blogspot.com/-WCFHZbbwPnQ/T3BjncxFMWI/AAAAAAAAAJ0/KEiE8YSUrvo/s1600/result.jpeg)

The goal of information gathering is to collect as much information as possible about the target, so any source that can give us information about the target is valuable. Some common sources for information gathering are as follows:

Let's see what kind of information we can get from each source.

Security testing starts with one or more targets. By targets, we mean domain names or IP addresses. The places to find out more about domains and IPs are the Domain Name Servers (DNS). We can find IP addresses corresponding to a domain name and vice versa using DNS footprinting (aka DNS interrogation).

Another good place to find the subdomains of a domain is Google search.
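
Active footprinting leaves tracks, and DNS query logs are one place a defender can see them. The following is an added example, not code from the original page: it scans a constructed resolver query log and flags clients whose lookups look like subdomain guessing or a reverse-lookup sweep. The five-column log format, the thresholds and the function name `find_dns_footprinting` are assumptions made for the illustration.

```python
from collections import defaultdict

# Constructed sample log in a hypothetical format (not a real resolver's):
# time  client_ip  queried_name  record_type  response_code
SAMPLE_LOG = """\
10:00:01 198.51.100.7 www.example.com A NOERROR
10:00:02 203.0.113.50 admin.example.com A NXDOMAIN
10:00:02 203.0.113.50 vpn.example.com A NOERROR
10:00:03 203.0.113.50 dev.example.com A NXDOMAIN
10:00:03 203.0.113.50 test.example.com A NXDOMAIN
10:00:04 203.0.113.50 mail.example.com A NOERROR
10:00:04 203.0.113.50 staging.example.com A NXDOMAIN
10:00:05 198.51.100.7 mail.example.com MX NOERROR
10:00:06 192.0.2.99 10.2.0.192.in-addr.arpa PTR NOERROR
10:00:06 192.0.2.99 11.2.0.192.in-addr.arpa PTR NXDOMAIN
10:00:07 192.0.2.99 12.2.0.192.in-addr.arpa PTR NXDOMAIN
10:00:07 192.0.2.99 13.2.0.192.in-addr.arpa PTR NOERROR
malformed line
"""

def find_dns_footprinting(log_text, min_names=4, min_nx_ratio=0.5):
    """Return {client_ip: reason} for clients whose queries look like enumeration."""
    names = defaultdict(set)      # distinct forward names asked per client
    ptr_names = defaultdict(set)  # distinct reverse (PTR) names asked per client
    nx = defaultdict(int)         # NXDOMAIN answers per client
    total = defaultdict(int)      # all parsed queries per client
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed lines instead of failing on them
        _, client, qname, qtype, rcode = parts
        total[client] += 1
        nx[client] += rcode == "NXDOMAIN"
        (ptr_names if qtype == "PTR" else names)[client].add(qname.lower())
    flagged = {}
    for client in total:
        if len(ptr_names[client]) >= min_names:
            # Many IP-to-name lookups from one client: walking an address range.
            flagged[client] = "reverse-lookup sweep"
        elif (len(names[client]) >= min_names
              and nx[client] / total[client] >= min_nx_ratio):
            # Many distinct names, most of which do not exist: guessing subdomains.
            flagged[client] = "subdomain guessing"
    return flagged

if __name__ == "__main__":
    for ip, reason in find_dns_footprinting(SAMPLE_LOG).items():
        print(ip, reason)
```

Passive sources such as search engines never touch the target's resolvers, so they produce no entries for a check like this to find.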