Lab1.2 Passive Recon - adamcunningham9990/SEC335-Journal GitHub Wiki
theHarvester
theHarvester is used to gather basic passive recon data on a website domain from different types of public sources.
Usage
theHarvester -d (domain) -l (number of results) -b (source type)
Example: theHarvester -d uvm.edu -l 100 -b google
Tips / Issues
Make sure to limit to about 100 searches to avoid lag. Source types include google, twitter, linkedin, etc.
Make sure the H in theHarvester is capitalized!
Netcraft
Netcraft is a passive recon tool for finding out what types of technology a website is running.
Usage
On the Netcraft website, navigate to the search bar and search for the domain.
Tips / Issues
Check out the Site Technology tab for info on client-side scripting frameworks, mobile technologies, content management, etc.
metagoofil
metagoofil is a passive recon tool used to extract files from a website, such as PDFs and HTML files.
Usage
sudo metagoofil -d (domain) -t (file type) -l (file limit) -o (output directory)
Example: sudo metagoofil -d uvm.edu -t pdf -l 10 -o metagoo_out
Tips / Issues
Make sure to limit results to about 10, so as not to trigger intrusion detection.
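The file limit matters because bulk document retrieval is visible in the target's web server logs. As an added example (not part of the original lab notes or of any tool named here), the following Python shows how a defender could flag a client that fetches many documents within a short window. The log lines, IP addresses, paths, threshold of 10 and 5-minute window are all constructed assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Common/Combined Log Format fields we need: client IP, timestamp, path, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?:GET|HEAD) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)
DOC_EXT = (".pdf", ".doc", ".docx", ".xls", ".xlsx", ".ppt", ".pptx")

def flag_bulk_document_fetches(lines, threshold=10, window=timedelta(minutes=5)):
    """Return {ip: peak count} for clients that fetched more than `threshold`
    documents inside any sliding `window`. Both defaults are assumptions.
    Assumes each client's entries appear in time order, as in a live log."""
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    peak = defaultdict(int)       # ip -> largest window count seen
    for line in lines:
        m = LOG_RE.match(line)
        if not m or not m["status"].startswith("2"):
            continue              # unparsable line or unsuccessful request
        path = m["path"].split("?", 1)[0].lower()
        if not path.endswith(DOC_EXT):
            continue              # not a document download
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        q = recent[m["ip"]]
        q.append(ts)
        while ts - q[0] > window:  # drop fetches that fell out of the window
            q.popleft()
        peak[m["ip"]] = max(peak[m["ip"]], len(q))
    return {ip: n for ip, n in peak.items() if n > threshold}

def _line(ip, ts, path, status=200):
    return f'{ip} - - [{ts:%d/%b/%Y:%H:%M:%S %z}] "GET {path} HTTP/1.1" {status} 5120'

# Constructed sample log (documentation IP ranges, invented paths).
T0 = datetime(2024, 1, 15, 10, 0, 0, tzinfo=timezone.utc)
SAMPLE_LOG = (
    # 12 PDFs in 24 seconds from one client: bulk retrieval pattern
    [_line("203.0.113.7", T0 + timedelta(seconds=2 * i), f"/docs/r{i}.pdf") for i in range(12)]
    # 12 PDFs spread over an hour: never more than 2 in any window
    + [_line("192.0.2.9", T0 + timedelta(minutes=5 * i), f"/docs/r{i}.pdf") for i in range(12)]
    # ordinary browsing with two document views
    + [_line("198.51.100.4", T0, "/index.html"),
       _line("198.51.100.4", T0 + timedelta(seconds=30), "/docs/a.pdf"),
       _line("198.51.100.4", T0 + timedelta(seconds=90), "/docs/b.docx?dl=1")]
)

if __name__ == "__main__":
    print(flag_bulk_document_fetches(SAMPLE_LOG))
```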