Ethical Hacking - Footprinting

Footprinting is a part of Reconnaissance process. Footprinting is the first step of ethical hacking. Footprinting is used to collect information of a target computer system or network. The collected information through Footprinting may include the following information –
  • Information about target Operating System
  • Information about Domains, Sub-domains, IP  Addresses, Whois and DNS records
  • Information about web application, directories, contents, Firewalls
  • Topology of the target network
  • Security configuration of the target system
  • Email Address, Password or other sensitive information

This information helps to identify different possible ways to enter into the target system or network. Footprinting helps to determine the security as well as weakness of the target system or network. Without Footprinting, the attacker is less likely to succeed with exploitation of the vulnerabilities in the target system.

Footprinting is commonly classified into two forms –
1. Active Footprinting
It means collecting information about the target with direct interaction. In Active Footprinting, the target may recognize the ongoing information gathering process because the attacker and target system interact directly.
2. Passive Footprinting
It means collecting information about the target without direct interaction. Passive Footprinting is difficult because there is no direct interaction. Passive Footprinting can only collect information about the target using search engines, social engineering, and so on.

Footprinting Methodology
Internet is a source of information. The information collected through Footprinting from internet or other sources, depends on the hard effort of the attacker. The Footprinting Methodology is a procedure for collecting information about the target from all available sources. We can collect information about the target through the following methods.
  • Footprinting through Search Engines
  • Footprinting through Advance Google Hacking Techniques
  • Footprinting through Social Networking Sites
  • Footprinting through Websites
  • Footprinting through Email
  • Footprinting through WHOIS and DNS
  • Footprinting through Social Engineering
  • Footprinting through Network