search

1. Footprint the Webserver

An ethical hacker or penetration tester must perform footprinting to detect the loopholes in the web server of the target organization.

hashtag
1. Information gathering using Ghost Eye

LogoGitHub - BullsEye0/ghost_eye: Ghost Eye Informationgathering Footprinting Scanner and Recon Tool Release. Ghost Eye is an Information Gathering Tool I made in python 3. To run Ghost Eye, it only needs a domain or ip. Ghost Eye can work with any Linux distros if they support Python 3. Author: Jolanda de KoffGitHubchevron-right
git clone https://github.com/BullsEye0/ghost_eye.git
cd ghost_eye
pip3 install -r requirements.txt

Now launch it

We can use the tool for WHOIS lookup, DNS etc and also scan for clickjacking vulnerability

hashtag
2. Perform Web Reconnaisance using skipfish

Logoskipfish | Kali Linux ToolsKali Linuxchevron-right

hashtag
3. Footprint Webserver using Httprecon

Logohttprecon project - advanced http fingerprintingwww.computec.chchevron-right

hashtag
4. Footprinting using ID serve

LogoGRC | ID Serve - Internet Server Identification Utilitywww.grc.comchevron-right

hashtag
5. Footprinting using netcat and Telnet

hashtag
netcat

hashtag
telnet

hashtag
6. Enumeration Webserver using NSE script

Now to enumerate the hostnames use the following script

http trace scanner

Http WAF (Firewall) detection

hashtag
7. Uniscan webserver footprinting

Logouniscan | Kali Linux ToolsKali Linuxchevron-right
LogoExam Prep & Training for CEH Practical (Unofficial Course)Udemychevron-right
PreviousModule 13. Hacking Web ServersNext2. Perform Webserver attacks

Last updated