Information Gathering Techniques
◾
63
Command
:
./whatweb slashdot.org reddit.com
Netcraft
Netcraft contains a huge online database with useful information on websites and can be
used for passive reconnaissance against the target. It is also capable of fingerprinting the
webservers.
Google Hacking
Google searches can be more than
a treasure for a pentester, if he uses them effectively. With
Google searches, an attacker may be able to gather some very interesting information, includ-
ing
passwords, on the target. Google has developed a few search parameters in order to
improve targeted search. However, they are abused by hackers to search for sensitive informa-
tion via Google.
