Google Hacking | Open Web Information Gathering

ETHICAL HACKING – Information Gathering

  1. How to use dnsenum for dns enumeration – Kali
  2. How to use dig command in Kali Linux
  3. whois Kali Linux commands with example
  4. Enumerating DNS Records through dnsenum tool in Kali Linux
  5. Email Harvesting by theharvester tool in Kali Linux
  6. Google Hacking | Open Web Information Gathering
  7. dnsmap | DNS Domain name system brute force attacks
  8. Zone Transfer using dnswalk tool
  9. Website information Gathering through Nikto tool
  10. Search Sensitive Data through Metagoofil Kali Linux 2.0
  11. 8 Steps to run Maltego Kali Linux – beginner guide

Learn the best Google hacking tricks for hackers or penetration testers

Hackers and penetration testers use Google search tricks, called Google hacking, to gather information about a target from the open web. If you want ready-made Google hacking queries, use the Google Hacking Database. Google hacking is an open web information gathering technique.

Before starting an engagement with an organization, it is important to browse the target's website to gather the information that is publicly available. In this step you will be able to gather information such as contact information, phone and fax numbers, emails, company structure, geographical location, address and so on. Sometimes this routine task yields a large amount of information.

How to hack Google?

The Google search engine is a security auditor's best friend, especially when it comes to information gathering.

Enumerating with Google: Open Web Information Gathering

Google supports many search operators, which allow a security auditor to focus a search. For example, "site" is a search operator that restricts results to the target's domain, which reduces the number of results to those related to the target.

In this example, the site operator returns over 59 million results related to the Microsoft site, meaning every result is on microsoft.com. If we want to search for Microsoft's subdomains, we use the site operator with exclusion: -site.

It's easy to see how the many other search operators such as filetype, inurl and intitle can also be used to find information about a target organization.

Known hardware vulnerability:

intitle:"netbotz appliance" "OK" -filetype:pdf


Google Hacking Database

The Google Hacking Database (GHDB) is a database of queries used by hackers to identify sensitive data on your website such as portal logon pages, logs with network security information, and so on. Although Google blocks some of the better known Google hacking queries, nothing stops a hacker from crawling your site and launching the Google Hacking Database queries directly onto the crawled content.

https://www.exploit-db.com/google-hacking-database/
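
The operator behaviour described above, and the GHDB point about running such queries over crawled content, can be used as a self-audit. The following is an added example, not code from the original post: it evaluates a simplified subset of operators (site, intitle, inurl, filetype, quoted phrases and `-` exclusion) over a constructed inventory of pages from your own site. The page list, function names and substring matching are assumptions for illustration; Google's real matching is more involved.

```python
import re
from urllib.parse import urlparse

# Constructed inventory, as produced by crawling your own site (sample data).
PAGES = [
    {"url": "https://www.example.com/index.html", "title": "Example Corp",
     "text": "Welcome"},
    {"url": "https://cam.example.com/status", "title": "NetBotz Appliance",
     "text": "Status OK"},
    {"url": "https://docs.example.com/netbotz.pdf",
     "title": "NetBotz Appliance manual", "text": "OK to install"},
    {"url": "https://shop.example.org/", "title": "Shop", "text": "OK"},
]

# One term: optional "-", optional operator prefix, quoted phrase or bare word.
TOKEN = re.compile(r'(-?)(?:(site|intitle|inurl|filetype):)?("[^"]*"|\S+)')


def parse(query):
    """Split a query into (negated, operator, value) terms."""
    return [(neg == "-", op or "text", val.strip('"').lower())
            for neg, op, val in TOKEN.findall(query)]


def term_matches(page, op, val):
    """Approximate one operator with case-insensitive substring matching."""
    url = urlparse(page["url"])
    host = url.hostname or ""
    if op == "site":       # the host itself or any subdomain of it
        return host == val or host.endswith("." + val)
    if op == "intitle":
        return val in page["title"].lower()
    if op == "inurl":
        return val in page["url"].lower()
    if op == "filetype":
        return url.path.lower().endswith("." + val)
    return val in (page["title"] + " " + page["text"]).lower()


def audit(query, pages=PAGES):
    """Return the URLs of inventory pages that satisfy every query term."""
    terms = parse(query)
    return [p["url"] for p in pages
            if all(term_matches(p, op, val) != neg for neg, op, val in terms)]


if __name__ == "__main__":
    for q in ('intitle:"netbotz appliance" "OK" -filetype:pdf',
              "site:example.com -site:www.example.com"):
        print(q, "->", audit(q))
```

Pages the audit returns are candidates for removal from public view, authentication, or exclusion from indexing.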

8 Steps to run Maltego Kali Linux – beginner guide

MODULE 4:- Information Gathering

Getting familiar with Maltego in Kali Linux

Welcome, I am glad you are here and continuing to read my notes on the Penetration Testing Tutorial. This post is part of Information Gathering and covers Maltego in Kali Linux, an open source intelligence and forensics application. It offers timely mining and gathering of information as well as the representation of this information in an easy-to-understand format.

What does Maltego do ?

  • Maltego is an information gathering tool built into Kali Linux by default, and it can be used for determining the relationships and real world links between:
    • People
    • Groups of people (social networks)
    • Companies
    • Organizations
    • Web sites
    • Internet infrastructure such as:
      • Domains
      • DNS names
      • Netblocks
      • IP addresses
    • Phrases
    • Affiliations
    • Documents and files
  • These entities are linked using open source intelligence.
  • Maltego is available for Windows, Mac and Linux. You can download and install it on any platform.
  • Maltego comes with a graphical interface that makes it easy to see these relationships instantly and accurately.
  • Using the graphical user interface (GUI) you can see relationships easily – even if they are three or four degrees of separation away.
  • Maltego is unique because it uses a powerful, flexible framework that makes customizing possible. As such, Maltego can be adapted to your own, unique requirements.

Use of Maltego as an information gathering tool:

  • Maltego can be used for the information gathering phase of all security related work. It will save you time and will allow you to work more accurately and smarter.
  • Maltego aids you in your thinking process by visually demonstrating interconnected links between searched items.
  • Maltego provides you with a much more powerful search, giving you smarter results.
  • If access to “hidden” information determines your success, Maltego can help you discover it.

Run Maltego in Kali Linux

As you know, Maltego is available in Kali Linux by default, so you can run it by going to Applications > Information Gathering > Maltegoce

Or simply run the command in a terminal as a normal user or superuser

$ maltego &

The welcome screen will appear.

Registration/login on Maltego Server:

When you run Maltego in Kali Linux, the welcome screen appears and the setup wizard starts. Click Next to go to the next step.

Step 2: This screen is for logging in to the Maltego server. If you are new, register on Maltego's website https://www.paterva.com/web6/community/maltego/ and then log in with the right credentials (username and password).

If you enter the right credentials, the login result will be shown.

Step 3: Once you have logged in successfully to the Maltego server, select the transform seeds and install them. After the transform installation completes, you are ready to run a new Machine for gathering information.

Step 4: Select Run new Machine and click Finish.

Step 5: A new wizard will pop up. You can run a Machine from this wizard, or cancel the wizard and run one from the Maltego program. If you want to run a Machine with this wizard, select the Machine type and click Next.

Step 6: If you select Company Stalker, you will have to specify the target (domain name) in a new window. Provide the domain (target) and click Finish.

After Company Stalker runs successfully, you will get the results.

Step 7: Create New Graph:

Step 8: Start a new graph by clicking in the left corner. Drag and drop the domain entity and enter the domain name, then right-click on the domain and run the desired transform.

Give the domain name; I am going to give cyberpedia.in

My next target is to gather information about email addresses, so I need to run the transform “Email addresses from Domain”. If you want to do the same, right-click on the domain and select Email addresses from Domain.

New transforms will appear; try each of them in turn and you will get some interesting results.

Run other transforms to get details of name servers, mail servers, IP addresses and much more.

Infrastructure Reconnaissance

Maltego helps to gather a lot of information about the infrastructure. In order to start gathering information, select the desired entity from the palette. In this example, we are going to scan a domain. Select the domain option from the palette and drag the option to the workspace. Enter the target domain. Now right-click on the entity and you should get a window that says “Run Transform” with additional relevant options.

Run the required transform and find out information like the MX, NS and IP address. We can then use transforms like ‘IPAddressToNetblock’ to break a large netblock into smaller networks for better understanding.

Also we can find the shared domains. We can determine information like IP addresses for domains and other internal networks, the netblocks which are used by the target, etc.

Personal Reconnaissance

Maltego helps you find information about a person, like their email address, social profiles, mutual friends, various files shared on various URLs, etc. Select the desired option from the palette. Here I am going to select the option ‘Person’ and will enter the name of the person I will be trying to gather information about.

Right-click on the ‘Person’ option and select the desired transforms. First let’s find the email address related to the person and try to gather more information. With Maltego, we can find their SNS information from Facebook, Flickr, etc.

Various entities in Facebook were detected by using the transform “toFacebookaffiliation.” This method generally looks for a Facebook affiliation that matches closely to a person’s name based on the first and last name and weighs each result accordingly. With Maltego we can also find mutual friends of two targeted persons in order to gather more information.

Similarly, we can find if the user has uploaded any files in pastebin or any other public URLs. Having all this information can be useful for performing a social engineering-based attack.
