Skip to main content

Information Gathering

By RoCk StAr DeViL
As per OWASP Testing Guide v4, the first phase in security assessment is focused on collecting as much information as possible about a target application. Information Gathering is the most critical step of an application security test. The security test should endeavour to test as much of the code base as possible. Thus mapping all possible paths through the code to facilitate thorough testing is paramount.

This task can be carried out in many different ways.

By using public tools (search engines), scanners, sending simple HTTP requests, or specially crafted requests, it is possible to force the application to leak information, e.g., disclosing error messages or revealing the versions and technologies used.

Below are the list of tools, are used to gather information.
  • acccheck
  • ace-voip
  • Amap
  • Automater
  • bing-ip2hosts
  • braa
  • CaseFile
  • CDPSnarf
  • cisco-torch
  • Cookie Cadger
  • copy-router-config
  • DMitry
  • dnmap
  • dnsenum
  • dnsmap
  • DNSRecon
  • dnstracer
  • dnswalk
  • DotDotPwn
  • enum4linux
  • enumIAX
  • exploitdb
  • Fierce
  • Firewalk
  • fragroute
  • fragrouter
  • Ghost Phisher
  • GoLismero
  • goofile
  • hping3
  • InTrace
  • iSMTP
  • lbd
  • Maltego Teeth
  • masscan
  • Metagoofil
  • Miranda
  • Nmap
  • ntop
  • p0f
  • Parsero
  • Recon-ng
  • SET
  • smtp-user-enum
  • snmpcheck
  • sslcaudit
  • SSLsplit
  • sslstrip
  • SSLyze
  • THC-IPV6
  • theHarvester
  • TLSSLed
  • twofi
  • URLCrazy
  • Wireshark
  • WOL-E
  • Xplico
Labels:

Comments

Post a Comment

plz add ur comment here

Popular posts from this blog

Wordpress hacking - How to install / run wpscan on windows xp / windows 7 / windows 10

By RoCk StAr DeViL
HOW TO RUN WPSCAN ON WINDOWS Byrockstardevil Requirements: rubyinstaller Development Kit for rubyinstaller curl DLL for windows : libcurl.dll 1 - install rubyinstaller you must have Ruby 2.2.3 version . download links here : http://rubyinstaller.org/downloads/ for more info : https://github.com/oneclick/rubyinstaller/wiki 2 - install Development Kit for rubyinstaller download link : http://rubyinstaller.org/downloads/ how to install : https://github.com/oneclick/rubyinstaller/wiki/Development-Kit if you face that problem  "unknown encoding name -  (ArgumentError)" just type "chcp 1252" in cmd and hit enter 3 - install libcurl.dll A - Download libcurl.dll from : http://www.confusedbycode.com/curl/ B - copy libcurl.dll copy  libcurl.dll into ruby bin folder or wpscan folder and make sure to add it to your PATH. I also added .DLL to PATHEXT ex : C:\Ruby21-x64\bin\ you can visit : http://www.computerhope.com/issues/ch000549.htm to know to set the p...
2 comments
Read more

Upcoming Book- Kali Linux Revealed: Mastering the Penetration Testing Distribution

By RoCk StAr DeViL
More exciting news! In the past year, Kali Linux Official Team has been working internally on an Official Kali Linux book – Kali Linux Revealed: Mastering the Penetration Testing Distribution . This is the first official Kali book from Offsec Press , and is scheduled for release on June 5th, 2017 . Kali Linux Revealed will be available in both hard copy and online formats. Keeping the Kali Linux spirit, the online version of the book will be free of charge, allowing anyone who wishes to hone their skills and improve their knowledge of Kali to do so at no cost. This book, together with our official Kali documentation site will encompass the body of knowledge for the Kali Linux Certified Professional   (KLCP) .
1 comment
Read more

Check Disk space in Kali Linux

By RoCk StAr DeViL
After installing Kali Linux on hard drive or on virtual machine, we may have come across with a warning message of " Low Disk usage ". It happens when we allocate insufficient disk space during partition for kali linux or else when we do a regular "update" and "upgrade" of patches or downloading softwares. Kali Linux comes with a graphical built-in tool, i.e. Disk Usage Analyzer . This tool helps you to check the disk space usage. There are other options too, to check usage as per file system. If you need to check from terminal(for non-gui users), then there are two classic commands available for every linux distros, i.e.  (a) df : Report file system disk space usage (b) du : Estimate file space usage df command is used to check free disk space. You can type df -h or df -k to list free disk space. It displays statistics about the amount of free disk space on the specified file system or on the file system of which file is a part. Values are displayed in...
Post a Comment
Read more