footprinting and phases of hacking

Footprinting and Phases of Hacking

Before attacking a system we have to plan things logically –

There are 5 phases of attacking into a system –

1 – Reconnaissance/Information Gathering/Footprinting – is collecting information about target like where is target? Why we are attacking? What we want? When we do? How we do?

(I) Most time consuming

(ii) Obtain as much info about the target as possible

2 – Scanning – are finding weaknesses that can be exploited

(I) Goal-Identify weaknesses that can be exploited

(ii) Obtain as much info about the target as possible


There are three types of scans –

Ping Scans – Pings a range of IP addresses to finding out the which machine is responding

TCP scans – Check for open-listening TCP ports looking for services

OS footprinting – identifies the operating system by using different signatures

3 – Ping Scans – Accessing the system

For gaining access we can launch exploits –

(i) Web attacks – Owasp Top 10 and sans 25

(ii) Other exploits – Failure to maintain up-to-date software

Haven’t patched common exploited vulnerabilities

4 – Maintaining Access – Maintain the access or can enter again in system

(i) Maintain access and continually escalate the privileges

(ii) Be careful in this phase the longer you maintain access the more chances that you can be caught

(iii) Ultimately a backdoor can be uploaded so we can access the system again at any time


5 – Covering Tracks – Clear the logs and exit the system without leaving any evidence

(i) Erase evidence on targeted system


Footprinting is first step of hacking in this process the main purpose is to gather information about the target.

Types of footprinting :

Active Footprinting – in active footprinting we make direct connection with the target through tools.

Passive Footprinting – in passive footprinting we don’t make direct connection with the target. For example – Social Media

In Passive footprinting we use social media for gather information about the target some are the website which are helpful for gather information about the target are –

Internet Archive (Wayback Machine) is the website to see your target website looks like in the very first version and we can extract website links too.


Foot-Printing Methodology

  1. Foot-printing through Search Engine –> Google, Yahoo, Bing etc
  2. Foot-printing through Advanced google Hacking Techniques –> Using of Google Dorking methods ex – intitle:, filetype:, inurl: – In this website we will get all latest dorks.

Site: etc

  1. Foot-printing through Social Networking platforms –> Face book, Twitter, LinkedIn etc
  2. Foot-printing through Websites –> their own sites
  3. Foot-printing through Email –> whatever email id they are using or provided (ultra tools)
  4. Foot-printing through WHOIS –> you can use tools also or use website i.e. = HYPERLINK “”
  5. Foot-printing through DNS –> getting information about domain by
  6. Foot-printing through Network –> all information about network such as ip address, ports, info about network map.
  7. Foot-printing through Social Engineering –> getting information from people by manipulating them.
  8. Foot-Printing through Competitive intelligence –> Competitive intelligence gathering is the process of gathering information about the competitors from resources such as the Internet.

   Eg: company website, search engine, internet, online databases, press releases, annual

+reports, trade journals

OS Fingerprinting & Ping Scans:

 One method for determining the information about the operating system running on a target machine is called OS fingerprinting.


Two types of Ping Scans:

  1. Active OS Fingerprinting
  2. Passive OS Fingerprinting


Active OS Fingerprinting and Banner Grabbing:


Nmap can easily perform Active Banner Grabbing. For OS Detection nmap allows to send TCP & UDP packets & observe the response from the targeted host ip.


#nmap -O <ip address>


Passive OS Fingerprinting or Banner Grabbing:  

Passive OS Fingerprinting perform by the Analysing Network Traffic along with the special inspection of Time to Live (TTL) value & Window Size.


Banner Grabbing:

Banner Grabbing is similar to OS fingerprinting, but actually, Banner Grabbing is determining the service that are running on the target machine.


Tools and Technique

Wappalyzer – it’s a extension to show which technology website using.

Builtwith – A advanced website for showing all the technology website use.

Who is – For Domain and website information, Database Information, Name of the Registrar etc.


Web site or web Application:

IP Address:   Ping > “ip address”

Server Information

Dedicated or shared –> reverse IP DOMAIN CHEKUP


White list and Black List

– robots.txt

Grabify Ip Logger – For device and public ip location.

Some useful websites where we can get list of vulnerabilities –


1: Exploit-DB

2: CVE- details




Network Scanning

Many Banks in India Lost an Unexpected ₹5.3 Lakh Crores to Frauds in Last 10 Years!

MFA Bombing Taken to the Next Level

About Author

Leave a Reply

Your email address will not be published. Required fields are marked *

Open chat
Can we help you?