Want to learn about the exciting word “Hacking”?
You are in the right place.
As you know, Cyber Security is a new BOOM in the industry and the field have many subdivisions. The common saying is that Information security has a bright future.
Information gathering is the first step for hacking. Here, we will cover very brief but clean introduction of the topic.
Basic terminology for information gathering:
- Injection Point: The target which we want to hack.
- Vulnerability: Flaw or weakness of the system.
- Payload: Script or code that used to identify vulnerability.
- Exploitation: Taking advantage of vulnerability to gain system access.
Know Your Target
Whenever we talk about ethical hacking, we start with the step of information gathering. Knowing your target well is one of the most important steps for hacking your target.
What to know?
The first thing you should know about your target is the site name. Let say you want to find the bug on some banking website or hack your competitor web portal. So, the first thing you want is the name of the website of your target like www.example.com .
Then, the second step is to find all the subdomain of the target website. Subdomains are very important and easy to find with tools like VirusTotal.
VirusTotal is a website created by the Spanish security company Hispasec Sistemas. Launched in June 2004, it was acquired by Google Inc. in September 2012. The company’s ownership switched in January 2018 to Chronicle, a subsidiary of Alphabet Inc..
VirusTotal is a web portal to analyze suspicious files and URLs to detect types of malware.
Once we get the subdomains, our next step is to rank them by their unpopularity, i.e. less traveled roads will be our initial targets.
We can use command ping to find ip address.
Knowing the programming language in which the website is developed is an important thing to know.
whatweb is the command(in Linux) we can use other than VirusTotal to know the website programming language.
Other than the command, we can use google search to find the programming language by searching is there any domain present in the site with some specific programming language.
for example, we can search in google site:www.example.com language_name
By using whatweb command in Linux, we can also find the server name and type that is used for hosting. There are multiple web portal also available to find the server information like whois.net.
Nmap is the best tool to know about open ports of the target machine. By knowing the open target, we can attack the target system.
Nmap is used to discover hosts and services on a computer network by sending packets and analyzing the responses. Nmap provides a number of features for probing computer networks, including host discovery and service and operating system detection. (Wikipedia)
Nmap is available for windows as well as Linux operating system. Detail tutorial about nmap will be shared in future blog posts.