9. Footprinting using footprinting tools

Footprinting tools are used to collect basic information about the target systems in order to exploit them.

1. Footprinting with Recon-ng

Start the tool

recon-ng

Install all the modules

marketplace install all

List all modules

modules search

Now create a workspace and select it

workspaces create CEH
workspaces select CEH

Add a website to the recon list

Load the module for brute-forcing hosts

Now run it with the run command

You can view the hosts with the following command

Now resolve the host with Bing

Now do a reverse lookup

Create a report

Whois with Recon-ng

Create a new workspace

Now select the whois module

Set the website as target

Check the names and usernames on social media.

Checking profiles on social media (very good results)

Getting subdomains and other info about the target (most important)

2. Maltego recon

website>DNS using name schema>DNS SOA>DNS MX>DNS nameservers>DNS IP address>location>

website>domains>whois

3. OSRFramework

Good for quickly finding subdomains.

Run as root.

-n specifies the nickname of the domain

-t specifies the list of top-level domains where the nick will be searched

Finding user accounts of a username

-q specifies the query

4. Footprinting using FOCA (Windows)

Domains and document analysis

5. Billcipher

Lets you select the modules to use for the recon.

6. OSINT Framework

Other tools
