1. Footprint the Webserver
An ethical hacker or penetration tester must perform footprinting to detect the loopholes in the web server of the target organization.
1. Information gathering using Ghost Eye
git clone https://github.com/BullsEye0/ghost_eye.git
cd ghost_eye
pip3 install -r requirements.txt
Now launch it
python3 ghost-eye.py

We can use the tool for WHOIS lookup, DNS lookup, etc., and also to scan for clickjacking vulnerabilities.
2. Perform Web Reconnaissance using skipfish
3. Footprint Webserver using Httprecon

4. Footprinting using ID serve

5. Footprinting using netcat and Telnet
netcat
nc -vv certifiedhacker.com 80
GET / HTTP/1.0

telnet
telnet certifiedhacker.com 80
GET / HTTP/1.0
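
The response to this request carries headers such as Server that identify the web server software. The following is an added example, not part of the original notes: a defender-side check that parses a raw HTTP response and reports headers disclosing software or version details. The function names, the header list and the sample response are assumptions constructed for illustration.

```python
import re

# Headers that commonly reveal server software (assumed audit list; extend as needed).
DISCLOSING = {"server", "x-powered-by", "x-aspnet-version",
              "x-aspnetmvc-version", "x-generator", "via"}
VERSION = re.compile(r"\d+(?:\.\d+)+")

def parse_headers(raw: bytes):
    """Split a raw HTTP response into (status_line, [(name, value), ...])."""
    head = re.split(rb"\r?\n\r?\n", raw, maxsplit=1)[0]
    lines = head.decode("iso-8859-1").splitlines()
    if not lines or not lines[0].startswith("HTTP/"):
        raise ValueError("not an HTTP response")
    headers = []
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:  # skip malformed lines that have no colon
            headers.append((name.strip(), value.strip()))
    return lines[0], headers

def audit_banner(raw: bytes):
    """Return one finding per header that discloses software or version details."""
    _, headers = parse_headers(raw)
    findings = []
    for name, value in headers:
        if name.lower() not in DISCLOSING or not value:
            continue
        versions = VERSION.findall(value)
        findings.append({
            "header": name,
            "value": value,
            "versions": versions,
            # An exact version number is more useful to an attacker than a product name.
            "severity": "high" if versions else "low",
        })
    return findings

# Constructed sample response (not captured from any real host).
SAMPLE = (b"HTTP/1.1 200 OK\r\n"
          b"Date: Mon, 01 Jan 2024 00:00:00 GMT\r\n"
          b"Server: Apache/2.4.41 (Ubuntu)\r\n"
          b"X-Powered-By: PHP/7.4.3\r\n"
          b"Content-Type: text/html\r\n\r\n<html></html>")

if __name__ == "__main__":
    for f in audit_banner(SAMPLE):
        print(f"[{f['severity']}] {f['header']}: {f['value']} versions={f['versions']}")
```

Findings marked high are the ones to remove first, for example with `ServerTokens Prod` on Apache or `server_tokens off` on nginx.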

6. Enumerate Webserver using NSE scripts
nmap -sV --script http-enum certifiedhacker.com

Now, to enumerate the hostnames, use the following script:
nmap --script hostmap-bfk --script-args hostmap-bfk.prefix=hostmap- certifiedhacker.com

HTTP TRACE scanner
nmap --script http-trace certifiedhacker.com
HTTP WAF (web application firewall) detection
nmap -p 80 --script http-waf-detect certifiedhacker.com
7. Uniscan webserver footprinting