Category: Information Gathering

Brute-force, Enumeration, Information Gathering

SubBrute – fast subdomain enumeration tool

SubBrute is a DNS meta-query spider tool that enumerates DNS records and subdomains. SubBrute is a community-driven project with the goal of creating the fastest and most accurate subdomain enumeration tool. Some of the magic behind SubBrute is that it uses open resolvers as a kind of proxy to circumvent DNS rate-limiting. This design …

General, Information Gathering, News, Privacy, Security

Tracking techniques are getting “deeper”…

As people become more and more aware of possible security risks, the well-known surveillance firms find deeper and lower-level ways of getting access to your data. With just a few days' difference, we are hearing about possible spying firmware on our hard drives and stolen encryption keys for our SIM cards! Pretty interesting… …

DNS, Enumeration, Information Gathering, Reconnaissance

Retrieve MX records

nslookup is a command-line administrative tool for testing and troubleshooting DNS servers. The syntax for noninteractive mode is: nslookup [-option] [hostname] [server]
Parameters
Commands: (identifiers are shown in uppercase, [] means optional)
NAME – print info about the host/domain NAME using default server
NAME1 NAME2 – as above, but use NAME2 …

DNS, Information Gathering

Resolve hostname to ip without using ping

To resolve a hostname to its IP address without using ping (ICMP echo request), you can use dig or nslookup. You should avoid using ping because ICMP requests may alert administrators when an IDS/IPS is installed at the target system or, even worse, ICMP echo requests may be blocked by a firewall. dig hostname …

Information Gathering, Metasploit, Reconnaissance

Email harvesting with Metasploit

Email harvesting is the process of obtaining lists of email addresses using various methods. You can check for yourself which email addresses attackers are going to find for your domain using Metasploit’s Search Engine Domain Email Address Collector module. This module uses Google, Bing and Yahoo to create a list of valid email addresses for …

Information Gathering

Information Gathering with Harvester

The objective of this program is to gather emails, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers and the SHODAN computer database. This tool is intended to help penetration testers in the early stages of the penetration test in order to understand the customer footprint on …