02. Footprinting and Reconnaissance

Question 1

What is FOOTPRINTING?

Answer 1

Footprinting is the first step of any attack on information systems in which an attacker collects information about a target network to identify various ways to intrude into the system.

Question 2

What is PASSIVE FOOTPRINTING?

Answer 2

Gathering information about the target without direct interaction.

Question 3

What is ACTIVE FOOTPRINTING?

Answer 3

Gathering information about the target with direct interaction.

Question 4

Give three examples of Organisation Information recovered from FOOTPRINTING.

Answer 4

employee details, telephone numbers, branch and location details, background of the organisation, web technologies, news articles, press releases, related documents

Question 5

Give three examples of Network Information recovered from FOOTPRINTING.

Answer 5

domain and sub-domains, network blocks, network topology, trusted routers, firewalls, IP addresses of reachable systems, Whois records, DNS records

Question 6

Give three examples of System Information recovered from FOOTPRINTING.

Answer 6

web server OS, location of web servers, publicly available email addresses, usernames and passwords

Question 7

What is [cache:]? (GOOGLE HACKING)

Answer 7

Displays the web pages stored in the google cache.

Question 8

What is [link:]? (GOOGLE HACKING)

Answer 8

Lists web pages that have links to the specified web page.

Question 9

What is [related:]? (GOOGLE HACKING)

Answer 9

Lists web pages that are similar to the specified web page.

Question 10

What is [info:]? (GOOGLE HACKING)

Answer 10

Presents some information that Google has abbout a particular web page.

Question 11

What is [site:]? (GOOGLE HACKING)

Answer 11

Restricts the results to those websites in the given domain.

Question 12

What is [allintitle:]? (GOOGLE HACKING)

Answer 12

Restricts the results to those websites containing all the search keywords in the title.

Question 13

What is [intitle:]? (GOOGLE HACKING)

Answer 13

Restricts the results to documents containing the search keyword in the title.

Question 14

What is [allinurl:]? (GOOGLE HACKING)

Answer 14

Restricts the results to those containing all the search keywords in the URL.

Question 15

What is [inurl:]? (GOOGLE HACKING)

Answer 15

Restricts the results to documents containing the search keyword in the URL.

Question 16

What is [location:]? (GOOGLE HACKING)

Answer 16

Finds information for a specific location.

Question 17

What is the GOOGLE HACKING DATABASE? (GHDB)

Answer 17

The Google Hacking Database (GHDB) is an authoritative source for querying the ever-widening reach of the Google search engine.

Question 18

What is the DEEP WEB?

Answer 18

It consists of web pages and contents that are hidden and unindexed and cannot be located using traditional web browsers and search engines. It can be accessed by search engines like Tor Browser and The WWW Virtual Library.

Question 19

What is WEBSITE FOOTPRINTING?

Answer 19

Website footprinting refers to the monitoring and analysis of the target organisation’s website for information.

Question 20

What may examining the HTML source code provide?

Answer 20

Comments present in the source code, Contact details of the web developer or admin, File system structure and script type

Question 21

What may examining COOKIES provide?

Answer 21

Software in use and its behaviour, Scripting platforms used

Question 22

What are WEB SPIDERS?

Answer 22

Web spiders, like Web Data Extractor and ParseHub, perform automated searches on the target website and collect specified information such as employee names and email addresses. Attackers use the collected information to perform footprinting and social engineering attacks.

Question 23

What is USER-DIRECTED SPIDERING? (three steps)

Answer 23

Attackers use standard web browsers to walk through the target website functionalities. The incoming and outgoing traffic of the target website is monitored and analyzed by tools that include features of both a web spider and an intercepting proxy. Attackers use tools like Burp Suite and WebScarab to perform user-directed spidering

Question 24

What is the purpose of MIRRORING an ENTIRE WEBSITE?

Answer 24

Mirroring an entire website onto a local system enables an attacker to browse a website offline; it also assists in finding directory structure and other valuable information from the mirrored copy without sending multiple requests to the web server.

Question 25

What do WEB MIRRORING tools do?

Answer 25

Web mirroring tools (like HTTrack Web Site Copier, and Cyotek WebCopy) allow you to download a website to a local directory, recursively building all directories, HTML, images, flash, videos, and other files from the server to your computer.

Question 26

What is the purpose of TRACKING EMAIL COMMUNICATIONS?

Answer 26

Attackers track emails to gather information about a target recipient, such as IP addresses, geolocation, browser and OS details, etc.

Question 27

What is the WHOIS LOOKUP?

Answer 27

Whois databases are maintained by the Regional Internet Registries and contain personal information of domain owners.

Question 28

What is the purpose of FINDING IP GEOLOCATION INFORMATION?

Answer 28

IP geolocation helps to identify information such as couuntry, region/state, city, ZIP/postal code, time zone, connection speed, ISP (hosting company), domain name, IDD country code, area code, mobile carrier, and elevation. Finding this information helps attackers with launching social engineering attacks, like spamming or phishing

Question 29

What does NETWORK RANGE INFORMATION tell an attacker?

Answer 29

Network range information assists attackers in creating a map of the target network.