IT Security & Ethical Hacking
“FOOTPRINTING”

BY

Er. Mujmmil Shaikh
Appin Tech 2011



Table of Contents

  1. Introduction.
  2. Why Is Footprinting Necessary?
  3. Areas & Information which attackers seek.
  4. Information Gathering Methodology.
  5. Competitive Intelligence Gathering.
  6. Footprinting Tools.
  7. Whois Tools.
  8. DNS Information Extraction Tools.
  9. Locating Network Range.
  10. E-mail Spiders.
  11. Locating Network Activity.
  12. Search Engines.
  13. How to Fake Websites?
  14. Summary.


Introduction
     Footprinting is the blueprint of the security profile of an organization, undertaken in a methodological manner.
     Footprinting is one of the three pre-attack phases; an attacker spends 90% of the time in profiling an organization and another 10% in launching the attack.
     Footprinting results in a unique organization profile with respect to networks (Internet/intranet/extranet/wireless) and the systems involved.


Why Is Footprinting Necessary?

     Footprinting is necessary to systematically and methodically ensure that all pieces of information related to the aforementioned technologies are identified.
     Footprinting is often the most difficult task in determining the security posture of an entity.


Areas and information which attackers seek




INFORMATION GATHERING

     1. Information Gathering Methodology
             Unearth initial information.
             Locate the network range.
             Ascertain active machines.
             Discover open ports/access points.
             Detect operating systems.
             Uncover services on ports.
             Map the network.


     2. Passive Information Gathering
     To understand the current security status of a particular information system, organizations perform either penetration testing or other hacking techniques.
     Passive information gathering is done by finding freely available details over the internet, and by various other techniques, without coming into contact with the organization's servers.
     Organizational and other informative websites are exceptions, as the information gathering activities carried out there by an attacker do not raise suspicion.

COMPETITIVE INTELLIGENCE GATHERING
     Business moves fast. Product cycles are measured in months, not years. Partners become rivals quicker than you can say “breach of contract.” So how can you possibly hope to keep up with your competitors if you can't keep an eye on them?
     Competitive intelligence gathering is the process of gathering information about your competitors from resources such as the internet. Competitive intelligence is non-interfering and subtle in nature. It is both a product and a process.


Why do you need competitive intelligence?





Competitive intelligence tools:

1. Trellian
     Trellian compiles and analyzes internet usage statistics to create a powerful competitive intelligence tool that no business should be without.
2. Web Investigator
3. Relevant Noise
4. Reputica Dashboard
5. My Reputation
     My Reputation finds out everything that is being said about you online and gets rid of the content you do not like.

Public & private websites

FOOTPRINTING TOOLS

  1. Big Brother
      Big Brother is designed to show how a network is performing in near real-time from any web browser. It displays status information as web pages, or as WML pages for WAP-enabled devices.
      Big Brother uses a client-server architecture combined with methods which push and pull data. Network testing is done by polling all monitored services from a single machine and reporting these results to a central location (BBDISPLAY).
      Big Brother includes support for testing ftp, http, https, smtp, pop3, dns, telnet, imap, nntp and ssh servers.
  2. Bile Suite
  3. Alchemy Network Tool
  4. Advanced Administrative Tool (AA)
  5. My IP Suite

WHOIS TOOLS

  1. Active Whois
  2. LAN Whois
  3. Country Whois
  4. Whereisip
  5. IP2country
  6. Caller IP
  7. Web Data Extractor Tool
  8. Online Whois Tools

DNS INFORMATION EXTRACTION TOOLS

1. Spider Foot
     Spider Foot is a free, open-source domain footprinting tool which will scrape the websites on that domain, as well as search Google, Netcraft, Whois, and DNS, to build up information like:
       o Sub domains.
       o Affiliates.
       o Web server versions.
       o Users.
       o Similar domains.
       o Email addresses.
       o Net blocks.
2. Nslookup
3. Expired Domains
4. Domain King
5. Domain Name Analyzer
6. Domain Inspect

LOCATING NETWORK RANGE

  1. Commonly includes:
       o Finding the range of IP addresses.
       o Discerning the subnet mask.
  2. Information sources:
       o ARIN (American Registry for Internet Numbers).
       o Trace route.
  3. Hacking tools:
       o NeoTrace.
       o Visual Route.

ARIN
     ARIN allows searches on the whois database to locate information on a network's autonomous system numbers (ASNs), network-related handles, and other related points of contact (POCs).
     ARIN whois allows querying the IP address to find information on the strategy used for subnet addressing.


Trace route
     Trace route works by exploiting a feature of the Internet Protocol called TTL, or Time to Live.
     Trace route reveals the path IP packets travel between two systems by sending out consecutive sets of UDP or ICMP packets with ever-increasing TTLs.
     As each router processes an IP packet, it decrements the TTL. When the TTL reaches zero, that router sends back a “TTL exceeded” message (using ICMP) to the originator. Routers with reverse DNS entries may reveal the name of routers, network affiliation, and geographic location.


Trace Route Analysis

     Trace route is a program that can be used to determine the path from source to destination. By using this information, an attacker determines the layout of a network and the location of each device.
     For example, after running several trace routes, an attacker might obtain the following information:
    Trace route 1.10.10.20, second to last hop is 1.10.10.1.
    Trace route 1.10.20.10, third to last hop is 1.10.10.1.
    Trace route 1.10.20.10, second to last hop is 1.10.10.50.
    Trace route 1.10.20.15, third to last hop is 1.10.10.1.
    Trace route 1.10.20.15, second to last hop is 1.10.10.50.
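
What the five observations above disclose about the network layout, worked through as an added example (not part of the original slides): adjacent hops are linked into a tree, and a hop is only linked when its neighbour was actually observed. The function names are illustrative; the addresses are the ones on the slide.

```python
import ipaddress
from collections import defaultdict

# The five observations from the slide, as (target, hops_before_target, router).
# "Second to last hop" is 1 hop before the target, "third to last" is 2.
OBSERVATIONS = [
    ("1.10.10.20", 1, "1.10.10.1"),
    ("1.10.20.10", 2, "1.10.10.1"),
    ("1.10.20.10", 1, "1.10.10.50"),
    ("1.10.20.15", 2, "1.10.10.1"),
    ("1.10.20.15", 1, "1.10.10.50"),
]


def _by_address(nodes):
    """Sort dotted-quad strings numerically rather than alphabetically."""
    return sorted(nodes, key=ipaddress.ip_address)


def path_tails(observations):
    """Group hops per target as {target: {distance_from_target: address}}."""
    tails = defaultdict(dict)
    for target, distance, router in observations:
        tails[target][0] = target          # the target itself sits at distance 0
        tails[target][distance] = router
    return dict(tails)


def infer_links(tails):
    """Return {upstream: [downstream, ...]} for hops that are truly adjacent.

    A link is recorded only when both distance d+1 and distance d are known
    for the same trace, so a silent (filtered) hop never produces a false edge.
    """
    links = defaultdict(set)
    for hops in tails.values():
        for distance, node in hops.items():
            upstream = hops.get(distance + 1)
            if upstream is not None:
                links[upstream].add(node)
    return {up: _by_address(down) for up, down in links.items()}


def entry_points(links):
    """Routers that appear upstream of something but downstream of nothing."""
    downstream = {n for nodes in links.values() for n in nodes}
    return _by_address(up for up in links if up not in downstream)


def render(links, node, depth=0):
    """Indented text tree of everything observed behind `node`."""
    lines = ["  " * depth + node]
    for child in links.get(node, []):
        lines.extend(render(links, child, depth + 1))
    return lines


def layout(observations):
    """Full indented layout implied by a list of observations."""
    links = infer_links(path_tails(observations))
    lines = []
    for root in entry_points(links):
        lines.extend(render(links, root))
    return lines


if __name__ == "__main__":
    print("\n".join(layout(OBSERVATIONS)))
```

Run against traces of your own perimeter, the same reconstruction shows which internal routers answer with ICMP time-exceeded messages and are therefore visible from outside.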






E-MAIL SPIDERS

     Have you ever wondered how spammers generate a huge mailing database? They pick up tons of e-mail addresses by searching the internet. All they need is a web spidering tool picking up e-mail addresses and storing them in a database. If these tools run the entire night, they can capture hundreds of thousands of e-mail addresses.

Power E-mail Collector Tool
       o It is a powerful email address harvesting program.
       o It can collect up to 750,000 unique valid email
         addresses per hour with a cable/DSL connection.
       o It only collects valid email addresses.
       o You do not have to worry about ending up with
         undeliverable addresses.




LOCATING NETWORK ACTIVITY

1. GEO Spider Tool

     GEO Spider helps you to detect, identify, and monitor your network activity on the world map. You can see a website's IP address location on the earth. GEO Spider can trace a domain name.

2. Geo Where Tool

     Geo Where handles many popular news groups to find answers to your queries in an easy and fast manner. It can also seek information from country-specific search engines for better results.

     Use Geo Where to footprint an organization's:
       o News groups search
       o Mailing list finder
       o Easy web search
       o Daily news


SEARCH ENGINES
       A web search engine is designed to search for information on the World
Wide Web and FTP servers. The search results are generally presented in a list of
results and are often called hits. The information may consist of web pages,
images, information and other types of files.

       Some search engines also mine data available in databases or open
directories. Unlike Web directories, which are maintained by human editors, search
engines operate algorithmically or are a mixture of algorithmic and human input. A
new type of search engine has recently been launched where an individual can own
keywords and profit from that relationship.

      1. Kartoo Search Engine.
      2. Dogpile Search Engine.

Search Engine List

      1. 20SEARCH
      2. ALL THE WEB
      3. ALTA VISTA
      4. AOL SEARCH
      5. ASK JEEVES
      6. DOGPILE
      7. EBAY
      8. EXCITE
      9. GIGABLAST
      10. GOOGLE
      11. IWON
      12. JOEANT
      13. LYCOS
      14. MAMMA
      15. MSN
      16. NETSCAPE
      17. OPEN DIRECTORY
      18. WEBCRAWLER
      19. WIKIPEDIA
      20. YAHOO

How to fake websites?
Website spoofing

           Website spoofing is the act of creating a website, as a hoax, with the
intention of misleading readers that the website has been created by a different
person or organization. Another meaning for spoof is fake websites. Normally, the
website will adopt the design of the target website and sometimes has a similar
URL.

       Another technique is to use a 'cloaked' URL. By using domain forwarding,
or inserting control characters, the URL can appear to be genuine while concealing
the address of the actual website. The objective may be fraudulent, often associated
with phishing or e-mail spoofing, or to criticize or make fun of the person or body
whose website the spoofed site purports to represent.
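
A defensive check for the cloaked-URL tricks described above, as an added example that is not part of the original slides: it flags control characters, a user-info part in front of the real host, IP-literal or punycode hosts, and hosts outside the expected domain. The function name, the finding labels and the example-bank.test / other.example sample URLs are constructed for illustration; domain forwarding itself only shows up when redirects are followed, which this offline check does not do.

```python
import ipaddress
import unicodedata
from urllib.parse import unquote, urlsplit


def cloaking_findings(url, expected_host):
    """Return the reasons why `url` may not really point at `expected_host`.

    `expected_host` is the domain the link claims to belong to (supplied by
    the caller; an assumption of this example). An empty list means no
    cloaking indicator was found.
    """
    findings = []

    # 1. Control or invisible formatting characters, raw or percent-encoded.
    #    Unicode category Cc = control, Cf = format (e.g. direction overrides).
    decoded = unquote(url)
    if any(unicodedata.category(ch) in ("Cc", "Cf") for ch in decoded):
        findings.append("control-or-format-character")

    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        # urlsplit rejects some malformed authorities; report and stop.
        return findings + ["unparseable-url"]

    # 2. "https://trusted-name@real-host/": everything before "@" is user-info,
    #    not the host the browser connects to.
    if "@" in parts.netloc:
        findings.append("userinfo-before-host")

    # 3. A bare IP address where a named site is expected.
    try:
        ipaddress.ip_address(host)
        findings.append("ip-literal-host")
    except ValueError:
        pass

    # 4. Punycode or non-ASCII labels can render as look-alike names.
    if host.startswith("xn--") or ".xn--" in host or not host.isascii():
        findings.append("punycode-or-non-ascii-host")

    # 5. The host must be the expected domain or one of its subdomains.
    expected = expected_host.lower().rstrip(".")
    if host != expected and not host.endswith("." + expected):
        findings.append("host-mismatch")

    return findings


# Constructed sample links, all claiming to belong to example-bank.test.
SAMPLES = [
    "https://www.example-bank.test/login",
    "https://www.example-bank.test@198.51.100.7/login",
    "https://other.example/%00www.example-bank.test/login",
    "https://www.example-bank.test.login.example/",
    "https://ex\u0430mple-bank.test/login",  # Cyrillic "a" in the host
]


def scan(urls, expected_host="example-bank.test"):
    """Map each URL to its list of findings."""
    return {u: cloaking_findings(u, expected_host) for u in urls}


if __name__ == "__main__":
    for link, reasons in scan(SAMPLES).items():
        print(ascii(link), "->", reasons or "no indicator")
```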




Steps to create fake login pages:
      1. Open any form building website (www.xyz.com) & sign up.
      2. Login with newly registered account.
      3. Click > create first form.
      4. Delete all pre-defined entries and just leave “first name”.
      5. Click > first name & click > power tool option.
      6. Double click > password Box.
      7. Click the newly formed password entry to rename it as “password”.
      8. Click > properties option.
      9. Give any title to the form.
      10. Put any link.
      11. Open source code option.
      12. Code is saved in “.html” format.
      13. Using free hosting website upload file.




Summary:




ER.MUJMMIL SHAIKH

Weitere ähnliche Inhalte

Was ist angesagt?

Brian Ghilliotti: Electronic Commerce: Applications of Raspberry Pie: Norwalk...
Brian Ghilliotti: Electronic Commerce: Applications of Raspberry Pie: Norwalk...Brian Ghilliotti: Electronic Commerce: Applications of Raspberry Pie: Norwalk...
Brian Ghilliotti: Electronic Commerce: Applications of Raspberry Pie: Norwalk...Brian Ghilliotti
 
Detection of Session Hijacking and IP Spoofing Using Sensor Nodes and Cryptog...
Detection of Session Hijacking and IP Spoofing Using Sensor Nodes and Cryptog...Detection of Session Hijacking and IP Spoofing Using Sensor Nodes and Cryptog...
Detection of Session Hijacking and IP Spoofing Using Sensor Nodes and Cryptog...IOSR Journals
 
Malware on Smartphones and Tablets - The Inconvenient Truth
Malware on Smartphones and  Tablets  - The Inconvenient  TruthMalware on Smartphones and  Tablets  - The Inconvenient  Truth
Malware on Smartphones and Tablets - The Inconvenient TruthAGILLY
 
iOS Security and Encryption
iOS Security and EncryptioniOS Security and Encryption
iOS Security and EncryptionUrvashi Kataria
 
Security News Bytes Null Dec Meet Bangalore
Security News Bytes Null Dec Meet BangaloreSecurity News Bytes Null Dec Meet Bangalore
Security News Bytes Null Dec Meet BangaloreInMobi Technology
 
Internet of things security multilayered method for end to end data communi...
Internet of things security   multilayered method for end to end data communi...Internet of things security   multilayered method for end to end data communi...
Internet of things security multilayered method for end to end data communi...Akash AR
 
Penetration testing
Penetration testingPenetration testing
Penetration testingAmmar WK
 
Controlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate NetworksControlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate NetworksIcomm Technologies
 
Inadequate Security Practices Expose Key NASA Network to Cyber Attack
Inadequate Security Practices Expose Key NASA Network to Cyber AttackInadequate Security Practices Expose Key NASA Network to Cyber Attack
Inadequate Security Practices Expose Key NASA Network to Cyber AttackBill Duncan
 

Was ist angesagt? (12)

Anonymizers
AnonymizersAnonymizers
Anonymizers
 
Brian Ghilliotti: Electronic Commerce: Applications of Raspberry Pie: Norwalk...
Brian Ghilliotti: Electronic Commerce: Applications of Raspberry Pie: Norwalk...Brian Ghilliotti: Electronic Commerce: Applications of Raspberry Pie: Norwalk...
Brian Ghilliotti: Electronic Commerce: Applications of Raspberry Pie: Norwalk...
 
Detection of Session Hijacking and IP Spoofing Using Sensor Nodes and Cryptog...
Detection of Session Hijacking and IP Spoofing Using Sensor Nodes and Cryptog...Detection of Session Hijacking and IP Spoofing Using Sensor Nodes and Cryptog...
Detection of Session Hijacking and IP Spoofing Using Sensor Nodes and Cryptog...
 
Malware on Smartphones and Tablets - The Inconvenient Truth
Malware on Smartphones and  Tablets  - The Inconvenient  TruthMalware on Smartphones and  Tablets  - The Inconvenient  Truth
Malware on Smartphones and Tablets - The Inconvenient Truth
 
M0704071074
M0704071074M0704071074
M0704071074
 
iOS Security and Encryption
iOS Security and EncryptioniOS Security and Encryption
iOS Security and Encryption
 
Security News Bytes Null Dec Meet Bangalore
Security News Bytes Null Dec Meet BangaloreSecurity News Bytes Null Dec Meet Bangalore
Security News Bytes Null Dec Meet Bangalore
 
Es34887891
Es34887891Es34887891
Es34887891
 
Internet of things security multilayered method for end to end data communi...
Internet of things security   multilayered method for end to end data communi...Internet of things security   multilayered method for end to end data communi...
Internet of things security multilayered method for end to end data communi...
 
Penetration testing
Penetration testingPenetration testing
Penetration testing
 
Controlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate NetworksControlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate Networks
 
Inadequate Security Practices Expose Key NASA Network to Cyber Attack
Inadequate Security Practices Expose Key NASA Network to Cyber AttackInadequate Security Practices Expose Key NASA Network to Cyber Attack
Inadequate Security Practices Expose Key NASA Network to Cyber Attack
 

Ähnlich wie Footprinting _ By Mujmmil Shaikh

Honeypot- An Overview
Honeypot- An OverviewHoneypot- An Overview
Honeypot- An OverviewIRJET Journal
 
Attackers May Depend On Social Engineering To Gain...
Attackers May Depend On Social Engineering To Gain...Attackers May Depend On Social Engineering To Gain...
Attackers May Depend On Social Engineering To Gain...Tiffany Sandoval
 
Tools.pptx
Tools.pptxTools.pptx
Tools.pptxImXaib
 
Engineering Internship Report - Network Intrusion Detection And Prevention Us...
Engineering Internship Report - Network Intrusion Detection And Prevention Us...Engineering Internship Report - Network Intrusion Detection And Prevention Us...
Engineering Internship Report - Network Intrusion Detection And Prevention Us...Disha Bedi
 
Module 7 (sniffers)
Module 7 (sniffers)Module 7 (sniffers)
Module 7 (sniffers)Wail Hassan
 
INTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptx
INTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptxINTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptx
INTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptxSuhailShaik16
 
IRJET- Phishing Website Detection System
IRJET- Phishing Website Detection SystemIRJET- Phishing Website Detection System
IRJET- Phishing Website Detection SystemIRJET Journal
 
Domain 2 of CEH v11 Reconnaissance Techniques (21%).pptx
Domain 2 of CEH v11 Reconnaissance Techniques (21%).pptxDomain 2 of CEH v11 Reconnaissance Techniques (21%).pptx
Domain 2 of CEH v11 Reconnaissance Techniques (21%).pptxInfosectrain3
 
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDN
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDNOliver Schuermann - Integrated Software in Networking - the Mystery of SDN
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDNcentralohioissa
 
IDS+Honeypots Making Security Simple
IDS+Honeypots Making Security SimpleIDS+Honeypots Making Security Simple
IDS+Honeypots Making Security SimpleGregory Hanis
 
Ceh v8 labs module 03 scanning networks
Ceh v8 labs module 03 scanning networksCeh v8 labs module 03 scanning networks
Ceh v8 labs module 03 scanning networksAsep Sopyan
 
Internet Relay Chat Forensics
Internet Relay Chat ForensicsInternet Relay Chat Forensics
Internet Relay Chat ForensicsIJSRD
 
A Deeper Look into Network Traffic Analysis using Wireshark.pdf
A Deeper Look into Network Traffic Analysis using Wireshark.pdfA Deeper Look into Network Traffic Analysis using Wireshark.pdf
A Deeper Look into Network Traffic Analysis using Wireshark.pdfJessica Thompson
 
ITCamp 2018 - Tobiasz Koprowski - SECDEV(OPS). How to Brace Your IT Security.
ITCamp 2018 - Tobiasz Koprowski - SECDEV(OPS). How to Brace Your IT Security.ITCamp 2018 - Tobiasz Koprowski - SECDEV(OPS). How to Brace Your IT Security.
ITCamp 2018 - Tobiasz Koprowski - SECDEV(OPS). How to Brace Your IT Security.ITCamp
 

Ähnlich wie Footprinting _ By Mujmmil Shaikh (20)

Honeypot- An Overview
Honeypot- An OverviewHoneypot- An Overview
Honeypot- An Overview
 
Hacking
HackingHacking
Hacking
 
Attackers May Depend On Social Engineering To Gain...
Attackers May Depend On Social Engineering To Gain...Attackers May Depend On Social Engineering To Gain...
Attackers May Depend On Social Engineering To Gain...
 
Information gatherimg
Information gatherimgInformation gatherimg
Information gatherimg
 
Tools.pptx
Tools.pptxTools.pptx
Tools.pptx
 
Engineering Internship Report - Network Intrusion Detection And Prevention Us...
Engineering Internship Report - Network Intrusion Detection And Prevention Us...Engineering Internship Report - Network Intrusion Detection And Prevention Us...
Engineering Internship Report - Network Intrusion Detection And Prevention Us...
 
Module 7 (sniffers)
Module 7 (sniffers)Module 7 (sniffers)
Module 7 (sniffers)
 
INTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptx
INTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptxINTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptx
INTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptx
 
IRJET- Phishing Website Detection System
IRJET- Phishing Website Detection SystemIRJET- Phishing Website Detection System
IRJET- Phishing Website Detection System
 
Domain 2 of CEH v11 Reconnaissance Techniques (21%).pptx
Domain 2 of CEH v11 Reconnaissance Techniques (21%).pptxDomain 2 of CEH v11 Reconnaissance Techniques (21%).pptx
Domain 2 of CEH v11 Reconnaissance Techniques (21%).pptx
 
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDN
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDNOliver Schuermann - Integrated Software in Networking - the Mystery of SDN
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDN
 
Assingment 5 - ENSA
Assingment 5 - ENSAAssingment 5 - ENSA
Assingment 5 - ENSA
 
Computer and network security
Computer and network securityComputer and network security
Computer and network security
 
IDS+Honeypots Making Security Simple
IDS+Honeypots Making Security SimpleIDS+Honeypots Making Security Simple
IDS+Honeypots Making Security Simple
 
Ceh v8 labs module 03 scanning networks
Ceh v8 labs module 03 scanning networksCeh v8 labs module 03 scanning networks
Ceh v8 labs module 03 scanning networks
 
Internet Relay Chat Forensics
Internet Relay Chat ForensicsInternet Relay Chat Forensics
Internet Relay Chat Forensics
 
A Deeper Look into Network Traffic Analysis using Wireshark.pdf
A Deeper Look into Network Traffic Analysis using Wireshark.pdfA Deeper Look into Network Traffic Analysis using Wireshark.pdf
A Deeper Look into Network Traffic Analysis using Wireshark.pdf
 
security onion
security onionsecurity onion
security onion
 
Apache Metron: Community Driven Cyber Security
Apache Metron: Community Driven Cyber Security Apache Metron: Community Driven Cyber Security
Apache Metron: Community Driven Cyber Security
 
ITCamp 2018 - Tobiasz Koprowski - SECDEV(OPS). How to Brace Your IT Security.
ITCamp 2018 - Tobiasz Koprowski - SECDEV(OPS). How to Brace Your IT Security.ITCamp 2018 - Tobiasz Koprowski - SECDEV(OPS). How to Brace Your IT Security.
ITCamp 2018 - Tobiasz Koprowski - SECDEV(OPS). How to Brace Your IT Security.
 

Kürzlich hochgeladen

Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 

Kürzlich hochgeladen (20)

Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 

Footprinting _ By Mujmmil Shaikh

  • 1. IT Security & Ethical Hacking “FOOTPRINTING” BY Er. Mujmmil Shaikh
  • 2. Appin Tech 2011 Table of Content 1. Introduction. 2. Why Footprinting Necessary? 3. Areas & Information which attackers seek. 4. Information Gathering Methodology. 5. Competitive Intelligence Gathering. 6. Footprinting Tools. 7. Who is Tools? 8. DNS Information Extraction Tools. 9. Locating Network Range. 10. E-mail Spiders. 11. Locating Network Activity. 12. Search Engines. 13. How to Fake Websites? 14. Summary. ER.MUJMMIL SHAIKH
  • 3. Introduction: Footprinting is the blueprint of the security profile of an organization, undertaken in a methodological manner. Footprinting is one of the three pre-attack phases; an attacker spends 90% of the time in profiling an organization and another 10% in launching the attack. Footprinting results in a unique organization profile with respect to networks (Internet/intranet/extranet/wireless) and systems involved. Why Footprinting Necessary? Footprinting is necessary to systematically and methodically ensure that all pieces of information related to the aforementioned technologies are identified. Footprinting is often the most difficult task in determining the security posture of an entity.
  • 4. Areas and information which attackers seek. INFORMATION GATHERING 1. Information Gathering Methodology: Unearth initial information. Locate the network range. Ascertain active machines. Discover open ports/access points. Detect operating systems. Uncover services on ports. Map the network.
  • 5. 2. Passive Information Gathering: To understand the current security status of a particular information system, organizations perform either penetration testing or other hacking techniques. Passive information gathering is done by finding freely available details over the internet and by various other techniques, without coming into contact with the organization's servers. Organizational and other informative websites are exceptions, as the information gathering activities carried out by an attacker do not raise suspicion. COMPETITIVE INTELLIGENCE GATHERING: Business moves fast. Product cycles are measured in months, not years. Partners become rivals quicker than you can say 'breach of contract.' So how can you possibly hope to keep up with your competitors if you can't keep an eye on them? Competitive intelligence gathering is the process of gathering information about your competitors from resources such as the internet. Competitive intelligence is non-interfering and subtle in nature. It is both a product and a process.
  • 6. Why do you need competitive intelligence?
  • 7. Competitive intelligence tool: 1. Trellian. Trellian compiles and analyzes internet usage statistics to create a powerful competitive intelligence tool that no business should be without.
  • 8. 2. Web Investigator (screenshot).
  • 9. 3. Relevant Noise (screenshot).
  • 10. 4. Reputica Dashboard (screenshot).
  • 11. 5. My Reputation. My Reputation finds out everything that is being said about you online and gets rid of the content you do not like. Public & private websites.
  • 12. FOOTPRINTING TOOLS 1. Big Brother. Big Brother is designed to show how a network is performing in near real-time from any web browser. It displays status information as web pages, or as WML pages for WAP-enabled devices. Big Brother uses a client-server architecture combined with methods which push and pull data. Network testing is done by polling all monitored services from a single machine and reporting these results to a central location (BBDISPLAY). Big Brother includes support for testing ftp, http, https, smtp, pop3, dns, telnet, imap, nntp and ssh servers. (screenshot)
  • 13. 2. Bile Suite. 3. Alchemy Network Tool.
  • 14. 4. Advanced Administrative Tool (AA). 5. My IP Suite.
  • 15. WHOIS TOOLS 1. Active whois (screenshot).
  • 16. 2. LAN Whois (screenshot).
  • 17. 3. Country Whois (screenshot).
  • 18. 4. Whereisip (screenshot).
  • 19. 5. IP2country (screenshot).
  • 20. 6. Caller IP (screenshot).
  • 21. 7. Web Data Extractor Tool. 8. Online Whois Tools.
  • 22. DNS INFORMATION EXTRACTION TOOLS 1. Spider Foot. Spider Foot is a free, open-source domain footprinting tool which scrapes the websites on a domain, and searches Google, Netcraft, Whois, and DNS, to build up information such as: sub domains, affiliates, web server versions, users, similar domains, email addresses, and net blocks. (screenshot)
  • 23. 2. Nslookup (screenshot).
  • 24. 3. Expired Domains (screenshot).
  • 25. 4. Domain king (screenshot).
  • 26. 5. Domain Name Analyzer (screenshot).
  • 27. 6. Domain Inspect (screenshot).
  • 28. LOCATING NETWORK RANGE 1. Commonly includes: finding the range of IP addresses; discerning the subnet mask. 2. Information Sources: ARIN (American Registry for Internet Numbers); Trace route. 3. Hacking Tool: NeoTrace; Visual Route. ARIN: ARIN allows searches on the whois database to locate information on a network's autonomous system numbers (ASNs), network-related handles, and other related points of contact (POC). ARIN whois allows querying the IP address to find information on the strategy used for subnet addressing.
  • 29. Trace route: Trace route works by exploiting a feature of the internet protocol called TTL, or Time to Live. Trace route reveals the path IP packets travel between two systems by sending out consecutive sets of UDP or ICMP packets with ever-increasing TTLs. As each router processes an IP packet, it decrements the TTL; when the TTL reaches zero, that router sends back a “TTL exceeded” message (using ICMP) to the originator. Routers with reverse DNS entries may reveal the name of routers, network affiliation, and geographic location. (screenshot)
  • 30. Trace Route Analysis: Trace route is a program that can be used to determine the path from source to destination. By using this information, an attacker determines the layout of a network and the location of each device. For example, after running several trace routes, an attacker might obtain the following information. Trace route 1.10.10.20, second to last hop is 1.10.10.1. Trace route 1.10.20.10, third to last hop is 1.10.10.1. Trace route 1.10.20.10, second to last hop is 1.10.10.50. Trace route 1.10.20.15, third to last hop is 1.10.10.1. Trace route 1.10.20.15, second to last hop is 1.10.10.50.
  • 31. E-MAIL SPIDERS: Have you ever wondered how spammers generate a huge mailing database? They pick tons of e-mail addresses by searching the internet. All they need is a web spidering tool picking up e-mail addresses and storing them to a database. If these tools run the entire night, they can capture hundreds of thousands of e-mail addresses. Power E-mail Collector Tool: It is a powerful email address harvesting program. It can collect up to 750,000 unique valid email addresses per hour with a cable/DSL. It only collects valid email addresses. You do not have to worry about ending up with undeliverable addresses.
  • 32. LOCATING NETWORK ACTIVITY 1. GEO Spider Tool. GEO Spider helps you to detect, identify, and monitor your network activity on the world map. You can see a website's IP address location on the earth. GEO Spider can trace a domain name.
  • 33. 2. Geo where tool. Geo where handles many popular news groups to find answers to your queries in an easy and fast manner. It can also seek information from country-specific search engines for better results. Use Geo where to footprint an organization's: news groups search; mailing list finder; easy web search; daily news.
  • 34. SEARCH ENGINES: A web search engine is designed to search for information on the World Wide Web and FTP servers. The search results are generally presented in a list of results and are often called hits. The information may consist of web pages, images, information and other types of files. Some search engines also mine data available in databases or open directories. Unlike Web directories, which are maintained by human editors, search engines operate algorithmically or are a mixture of algorithmic and human input. A new type of search engine has recently been launched where an individual can own keywords and profit from that relationship. 1. Kartoo Search Engine. 2. Dogpile Search Engine. Search Engine List: 1. 20SEARCH 2. ALL THE WEB 3. ALTA VISTA 4. AOL SEARCH 5. ASK JEEVES 6. DOGPILE 7. EBAY 8. EXCITE 9. GIGABLAST 10. GOOGLE 11. IWON 12. JOEANT 13. LYCOS 14. MAMMA 15. MSN 16. NETSCAPE 17. OPEN DIRECTORY 18. WEBCRAWLER 19. WIKIPEDIA 20. YAHOO
  • 35. How to fake websites? Website spoofing: Website spoofing is the act of creating a website, as a hoax, with the intention of misleading readers that the website has been created by a different person or organization. Another meaning for spoof is fake websites. Normally, the website will adopt the design of the target website and sometimes has a similar URL. Another technique is to use a 'cloaked' URL. By using domain forwarding, or inserting control characters, the URL can appear to be genuine while concealing the address of the actual website. The objective may be fraudulent, often associated with phishing or e-mail spoofing, or to criticize or make fun of the person or body whose website the spoofed site purports to represent. Steps to create fake login pages: 1. Open any form building website (www.xyz.com) & sign up. 2. Login with newly registered account. 3. Click > create first form. 4. Delete all pre-defined entries and just leave 'first name'. 5. Click > first name & click > power tool option. 6. Double click > password Box. 7. Click the newly form password entry to rename it as 'password'. 8. Click > properties option. 9. Give any title to the form. 10. Put any link. 11. Open source code option. 12. Code is save “.html” Format. 13. Using free hosting website upload file.
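
The TTL mechanism and the hop analysis from the Trace route slides (29 and 30) can be reproduced offline. The Python simulation below is an added example, not part of the original slides: the `PATHS` topology is constructed from the slide's sample addresses, and the `silent` set (routers that do not send "TTL exceeded") is an assumption that shows how much less a trace reveals when an internal router stays quiet.

```python
# Constructed topology using the slide's sample addresses: each destination maps
# to the ordered routers a packet crosses before reaching it (assumption).
PATHS = {
    "1.10.10.20": ["1.10.10.1"],
    "1.10.20.10": ["1.10.10.1", "1.10.10.50"],
    "1.10.20.15": ["1.10.10.1", "1.10.10.50"],
}

def forward(path, dest, ttl, silent):
    """Forward one probe and return the address that answers, or None."""
    for router in path:
        ttl -= 1                      # every router decrements the TTL
        if ttl == 0:                  # expired here: router owes a "TTL exceeded"
            return None if router in silent else router
    return dest                       # TTL outlived the path: destination replies

def traceroute(dest, silent=frozenset(), max_ttl=30):
    """Send probes with TTL 1, 2, 3, ... until the destination answers."""
    hops = []
    for ttl in range(1, max_ttl + 1):
        reply = forward(PATHS[dest], dest, ttl, silent)
        hops.append(reply)            # None marks a hop that stayed silent
        if reply == dest:
            break
    return hops

def shared_links(dests, silent=frozenset()):
    """Merge per-destination hop lists into (upstream, downstream) links."""
    links = set()
    for dest in dests:
        hops = traceroute(dest, silent)
        for up, down in zip(hops, hops[1:]):
            if up is not None and down is not None:
                links.add((up, down))
    return links

if __name__ == "__main__":
    for dest in PATHS:
        print(dest, traceroute(dest))
    print("links visible:", sorted(shared_links(PATHS)))
    print("links visible with 1.10.10.50 silent:",
          sorted(shared_links(PATHS, silent={"1.10.10.50"})))
```

With every router answering, the merged traces expose four links and show 1.10.10.50 sitting behind 1.10.10.1; with 1.10.10.50 silent, only the link from 1.10.10.1 to 1.10.10.20 remains visible.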