1. Footprint the Webserver

An ethical hacker or penetration tester must perform footprinting to detect the loopholes in the web server of the target organization.

1. Information gathering using Ghost Eye

LogoGitHub - BullsEye0/ghost_eye: Ghost Eye Informationgathering Footprinting Scanner and Recon Tool Release. Ghost Eye is an Information Gathering Tool I made in python 3. To run Ghost Eye, it only needs a domain or ip. Ghost Eye can work with any Linux distros if they support Python 3. Author: Jolanda de KoffGitHub
git clone https://github.com/BullsEye0/ghost_eye.git
cd ghost_eye
pip3 install -r requirements.txt

Now launch it

python3 ghost-eye.py

We can use the tool for WHOIS lookup, DNS etc and also scan for clickjacking vulnerability

2. Perform Web Reconnaisance using skipfish

Logoskipfish | Kali Linux ToolsKali Linux

3. Footprint Webserver using Httprecon

Logohttprecon project - advanced http fingerprinting

4. Footprinting using ID serve

LogoGRC | ID Serve - Internet Server Identification Utility

5. Footprinting using netcat and Telnet

netcat

nc -vv certifiedhacker.com 443
GET / HTTP/1.0

telnet

telnet certifiedhacker.com 443
GET / HTTP/1.0

6. Enumeration Webserver using NSE script

nmap -sV --script http-enum certifiedhacker.com

Now to enumerate the hostnames use the following script

nmap --script hostmap-bft -script-args hostmap.bfk=hostmap- certifiedhacker.com

http trace scanner

nmap --script http-trace certifiedhacker.com

Http WAF (Firewall) detection

nmap -p 80 --script http-waf-detect certifiedhacker.com

7. Uniscan webserver footprinting

Logouniscan | Kali Linux ToolsKali Linux
LogoCertified Ethical Hacker (CEHv12) Practical hands on LabsUdemy
PreviousModule 13. Hacking Web ServersNext2. Perform Webserver attacks

Last updated

Was this helpful?