diy:network-recon

Differences

This shows you the differences between two versions of the page.

diy:network-recon [2024/06/13 13:37] – [ping] Humphrey Boa-Gartdiy:network-recon [2024/08/06 05:48] (current) – external edit 127.0.0.1
Line 5: Line 5:
 Lets say this site is, hypothetically, [[http://scanme.nmap.org|scanme.nmap.org]]. So where to begin? Before you can start to do anything (dox, attack, shut down, etc) you first need to run some basic tools. You have to profile where this site intersects with the rest of the internet, and the real world. Lets say this site is, hypothetically, [[http://scanme.nmap.org|scanme.nmap.org]]. So where to begin? Before you can start to do anything (dox, attack, shut down, etc) you first need to run some basic tools. You have to profile where this site intersects with the rest of the internet, and the real world.
  
-===== Finding IP Addresses & Other Basic Info =====+===== Finding IP Addresses & DNS Info =====
  
 Every machine (or **host**) on the internet has an **IP address**, and every domain name resolves to an IP address. Domain names are only aliases for IP addresses because //whatever.com// is easier to remember than //187.158.173.109//. The inverse is not necessarily true. An IP may have no domain name pointing to it. Every machine (or **host**) on the internet has an **IP address**, and every domain name resolves to an IP address. Domain names are only aliases for IP addresses because //whatever.com// is easier to remember than //187.158.173.109//. The inverse is not necessarily true. An IP may have no domain name pointing to it.
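Review bot: Renaming the heading from "Finding IP Addresses & Other Basic Info" to "Finding IP Addresses & DNS Info" changes the section anchor, because DokuWiki derives anchors from the heading text, so any internal link that targets the old section name will stop resolving to this section. Search the wiki for links to the old anchor and update them in the same edit. The new title is the more accurate one if the section only covers address and DNS lookups, so the rename itself is fine.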
Line 113: Line 113:
 [[wp>WHOIS]] is a query and response protocol that is used for querying databases that store an Internet resource's registered users or assignees. These resources include domain names, IP address blocks and autonomous systems, but it is also used for a wider range of other information. The protocol stores and delivers database content in a human-readable format. [[wp>WHOIS]] is a query and response protocol that is used for querying databases that store an Internet resource's registered users or assignees. These resources include domain names, IP address blocks and autonomous systems, but it is also used for a wider range of other information. The protocol stores and delivers database content in a human-readable format.
  
-WHOIS lookups are a great way to find out more information about a web site or IP address. They can clue you in to who the target uses for a host or domain registrar, geographic locations, and sometimes even the real-world names & addresses of the site owners or administrators. WHOIS lookups are a necessary fundamental skill for recon and [[tactics:dox|doxxing]].+WHOIS lookups are a great way to find out more information about a web site or IP address. They can clue you in to who the target uses for a host or domain registrar, geographic locations, and sometimes even the real-world names & addresses of the site owners or administrators. WHOIS lookups are a necessary fundamental skill for  {{tagpage>recon}} and [[tactics:dox|doxxing]].
  
 ==== Domain Information ==== ==== Domain Information ====
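Review bot: The replacement of the plain word "recon" with "{{tagpage>recon}}" leaves a double space after "for" and puts plugin markup in the middle of a sentence, so the line only reads correctly if that syntax renders as an inline link. Check the rendered page, drop the extra space, and if the plugin output is a block or a list, keep the word "recon" in the sentence and move the tag markup to its own line.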
Line 131: Line 131:
   $ whois 45.33.32.156   $ whois 45.33.32.156
  
-Running ''whois'' against either of Nmap's IP addresses brings up more information about Nmap's host, including the email address to send abuse and DMCA shutdown notices to.+Running ''whois'' against either of Nmap's IP addresses brings up more information about Nmap's host, including the email address to send abuse and DMCA shutdown notices to. (Very exploitable.)
  
 ===== Browser Based Tools ===== ===== Browser Based Tools =====
  
-If you don't have access to the command line, there are a handful of sites you can use for DNS lookups in your browser:+If you don't have access to the command line, there are a handful of sites you can use for DNS & WHOIS lookups in your browser:
  
   * [[https://whois.domaintools.com|DomainTools]]   * [[https://whois.domaintools.com|DomainTools]]
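Review bot: The appended "(Very exploitable.)" on the abuse-contact sentence is an unsupported aside: it does not say what is exposed or why it matters, and the sentence before it already states what the lookup returns. Either remove it or replace it with a concrete statement the reader can verify from the whois output shown above. The second change in this hunk, "DNS & WHOIS lookups", is consistent with the DomainTools WHOIS link that follows and needs no further edit.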
diy/network-recon.1718285830.txt.gz · Last modified: 2024/08/06 05:53 (external edit)

Find this page online at: https://bestpoint.institute/diy/network-recon