Week 1 - Foren-Ken/tech-journal GitHub Wiki
This week mainly focused on Passive Reconnaissance and Tool Usage:
Passive Reconnaissance
This topic relates to the acquisition of information on a network by gathering information without interacting with the target device. This technique is very quiet since it doesn't generate any behaviors out of the ordinary. The tools we used in class for this was "Metagoofil", "TheHarvester", and "Netcraft.com" though many other tools exist which can be used to gather more information.
Syntax for "TheHarvester" is the following: theHarvester -d {website} -b all
The option "-d" selects a domain while "-b" determines a source (like a search engine).
Syntax for "metagoofil" is the following: metagoofil -d {domain name} -t {file type(s)} -l {amount of time searching} -f {file out}.
I love Metagoofil since it allows for multiple document types to be submitted in a list. This means instead of just asking for a pdf extension, multiple can be stringed together like this "pdf,doc,docx" to check for all three with one command. It's very intuitive and uses the google index, by default, to check these files without actually interacting with the server.
Very cool stuff!
Syntax for "Netcraft" is the following: This tool is used in browser.