Author Topic: Seven steps of Information Gathering  (Read 1466 times)


Offline hack3rcon

  • Peasant
  • *
  • Posts: 80
  • Cookies: -216
Seven steps of Information Gathering
« on: August 20, 2015, 09:25:43 am »
Hello.
Some people are bothered by my questions and ask me why I don't search Google to find the answer. I want to say that I searched, but some answers are silly and so wrong.
I know Information Gathering involves some steps, and many books and sites explain it, but never completely. For example, I can't see any good book that explains this phase; they just tell the reader to search more and more to find information about the victim, but how!!!!
I read an article about information gathering and the author talked about finding the IP ranges that the victim used, but never explained how I can find them.
If possible, please show me a good book or article about Information Gathering that explains tools and info.

Offline white-knight

  • Knight
  • **
  • Posts: 190
  • Cookies: 26
Re: Seven steps of Information Gathering
« Reply #1 on: August 20, 2015, 01:48:14 pm »
Google can be a bitch sometimes and you have to weed out the bullshit you find. You can use Google search operators to help narrow things down: http://www.googleguide.com/advanced_operators_reference.html


Almost every book on hacking has information gathering in it. Different books will show ways, but they all show Nmap.
Look through the books here and you should find what you need.


Maybe start with Nmap and the Nmap scripts. Videos and information are everywhere for them.


Or maybe try picking a tool and search "Information gathering with Dig" and so on.


https://www.owasp.org/index.php/Testing:_Information_Gathering


http://www.pentest-standard.org/index.php/Intelligence_Gathering


https://code.google.com/p/pentest-bookmarks/downloads/list










Offline hack3rcon

Re: Seven steps of Information Gathering
« Reply #2 on: August 21, 2015, 07:09:20 am »
Nmap and Dig are not enough. You and your friends said it. I know Nmap and.... but some books tell more about it.
Find more and more.
Can you tell me how you do it? Step by step. For example, you want to do Information Gathering on "Google.com". I'm sure a hacker never runs "Nmap" or "dig" on Google and must research more. Google and others use many traps and can trick "Nmap".
I want to know what the "more research" is.

Offline white-knight

Re: Seven steps of Information Gathering
« Reply #3 on: August 21, 2015, 01:45:53 pm »
Of course Nmap and Dig aren't enough. They are just examples. There are hundreds of tools and ways to do information gathering.


The flow of information gathering would differ depending on what you're doing.


In the links I shared they list basic things to do. Did you look at them? And the one is lots of bookmarks that will help you learn; just import them into your browser. BAM, more information :o


6 Footprinting
  • 6.1 External Footprinting
      • 6.1.1 Identify Customer External Ranges
      • 6.1.2 Passive Reconnaissance
          • 6.1.2.1 WHOIS Lookups
          • 6.1.2.2 BGP looking glasses
      • 6.1.3 Active Footprinting
          • 6.1.3.1 Port Scanning
          • 6.1.3.2 Banner Grabbing
          • 6.1.3.3 SNMP Sweeps
          • 6.1.3.4 Zone Transfers
          • 6.1.3.5 SMTP Bounce Back
          • 6.1.3.6 DNS Discovery
          • 6.1.3.7 Forward/Reverse DNS
          • 6.1.3.8 DNS Bruteforce
          • 6.1.3.9 Web Application Discovery
          • 6.1.3.10 Virtual Host Detection & Enumeration
      • 6.1.4 Establish External Target List
          • 6.1.4.1 Mapping versions
          • 6.1.4.2 Identifying patch levels
          • 6.1.4.3 Looking for weak web applications
          • 6.1.4.4 Identify lockout threshold

https://www.youtube.com/playlist?list=PLh3suzD3w9hEuEv9WO_zIahqFfhHd8XPq

Offline hack3rcon

Re: Seven steps of Information Gathering
« Reply #4 on: August 21, 2015, 10:53:26 pm »
Excellent. Very complete.
Can you tell me some names of books about hacking? I know amazon.com is full of them, but I don't know which one is good for a beginner.
Thank you again.
« Last Edit: August 21, 2015, 10:54:22 pm by hack3rcon »