
Penetration Testing Framework 0.58 by Karim Bellioum

1. Network Footprinting (Reconnaissance)

The tester would attempt to gather as much information as possible about the selected network. A passive attack is always the best starting point as this would normally defeat intrusion detection systems and other forms of protection etc. This would usually involve trying to discover publicly available information by utilising a web browser and visiting newsgroups etc. An active form would be more intrusive and may show up in audit logs and may take the form of an attempted DNS zone transfer or a social engineering type of attack.

IANA - Internet Assigned Numbers Authority
ICANN - Internet Corporation for Assigned Names and Numbers.
NRO - Number Resource Organisation
RIR - Regional Internet Registry
AFRINIC - African Network Information Centre
APNIC - Asia Pacific Network Information Centre
ARIN - American Registry for Internet Numbers
LACNIC - Latin America & Caribbean Network Information Centre
RIPE - Reseaux IP Européens-Network Coordination Centre

Online DNS one-stop shop, with the ability to perform a great deal of disparate DNS type queries.
Autonomous System lookups and other online tools available.
Allows limited free IP lookups to be performed, displaying geolocation information, ISP details and other pertinent information.
Metasearch engine that visually presents its results.
Excellent site that gives you details of shared domains on the IP queried/ conversely IP to DNS resolution
Excellent site that can be used if the above is down
Online search tool allowing queries for host information.
Finds shared domains based on supplied IP addresses
Note: - Website utilised by nmap hostmap.nse script
Excellent website allowing DNS and AS lookups to be performed with a graphical display of the results with pointers, A, MX records and AS connectivity displayed.
Note: - Can be unreliable with old entries (Use CentralOps to verify)
Website listing a large number of links to online traceroute resources.
Stores older versions of websites, making it a good comparison tool and excellent resource for previously removed data.

EDGAR - Company information, including real-time filings.
Google Finance - General Finance Portal
Hoovers - Business Intelligence, Insight and Results.

Phone book/ Electoral Roll Information
