Footprinting is one of the most important techniques in security auditing, since it allows us to gather information about the target we are analysing.
In the process of collecting information about our target we can differentiate two phases: the first is the passive phase, where we obtain public information about our target without interacting with it, and the second is the active phase, where we can use techniques such as port scanning or banner grabbing.
These could be the talking points:
1. Introduction to footprinting
I will comment on the main footprinting phases:
Passive footprinting, where we collect public information and build a map of the target server or domain without interacting directly with it.
Active footprinting, where the target is actively identified through techniques such as port scanning and the identification of services, operating systems and server banners.
2. Footprinting tools
To apply footprinting techniques we can use tools that obtain domain information, such as whois, and run reverse queries against DNS and name servers. We can also use third-party services such as robtex and serversniff to obtain more information. Among the public information sources, we can highlight shodan, scans, zmap and censys.
3. Port scanning with nmap
With nmap we can check which ports are open for a target IP or domain, and with nmap scripts we can check for vulnerabilities on the open ports. For example, if the MySQL port is open, we can check whether the server has a vulnerability related to this service. I will show nmap scripts for checking these vulnerabilities.
Speakers: José Manuel Ortega