Tools: WHOIS, dig, Maltego, Google Dorking (en)
WHOIS
What is WHOIS?
WHOIS is a query protocol used to find public information about internet domain registrations. This information can include the owner's name, email address, organization, country, and the date of registration and renewal of the domain.
How to use WHOIS in Kali Linux?
Kali Linux comes with the WHOIS command by default. To use it, open a terminal and type:
whois example.com
Replace "example.com" with the domain you want to check.
Example of Use in Ethical Hacking:
- Setting a Target: By knowing the owner and contact information of a domain, you can get a clearer picture of the target you are going to test penetration on.
- Footprinting: WHOIS provides a starting point for gathering more information about the target.
- Social Engineering: Information from WHOIS can be used as material for carrying out social engineering attacks.
dig
What is dig?
dig (domain information groper) is a DNS query utility that is more flexible and informative than the default nslookup command. dig allows you to perform various types of DNS queries, such as A, MX, NS, and others.
How to use dig in Kali Linux?
Just like WHOIS, dig is also installed by default in Kali Linux. To use it, type:
dig example.com
Example of Use in Ethical Hacking:
- Setting Nameserver Server: By using dig, you can find out the nameserver server used by a domain.
- Setting IP Address: dig can be used to get the IP address of a domain.
- Setting MX Record Information: MX record information is important to find out the mail server used by a domain.
Maltego
What is Maltego?
Maltego is a powerful graphical tool for performing open source intelligence (OSINT). Maltego allows you to connect multiple data sources to build a graph of entities and the relationships between them.
How to use Maltego on Kali Linux?
Maltego is usually not installed by default on Kali Linux. You need to download and install it manually. Once installed, you can use Maltego to perform various types of queries, such as finding information about domains, IP addresses, people, companies, and more.
Examples of Use in Ethical Hacking:
- Infrastructure Mapping: Maltego can be used to map the entire network infrastructure of an organization.
- Determining Relationships: Maltego can be used to find relationships between various entities, such as people, companies, and domains.
- Data Visualization: Maltego presents information in easy-to-understand graphical form, making it easier for you to analyze complex data.
Google Dorking
What is Google Dorking?
Google Dorking is a technique for searching for specific information on Google using advanced search operators. With Google Dorking, you can find information that is not easily found with regular searches.
How to use Google Dorking on Kali Linux?
Google Dorking does not require any special tools on Kali Linux. You only need to use a web browser to search on Google.
Example of Use in Ethical Hacking:
- Finding Sensitive Files: You can use search operators like "filetype:pdf" or "intitle:index.of" to find files that contain sensitive information.
- Finding Vulnerable Servers: You can use search operators like "inurl:phpmyadmin" or "intitle:admin panel" to find servers that may be vulnerable to attacks.
Important:
- Use this tool wisely: This tool is very useful for learning ethical hacking, but do not abuse it to do illegal activities.
- Respect Privacy: Always obey the law and ethics when doing penetration testing activities.
Conclusion:
WHOIS, dig, Maltego, and Google Dorking tools are very useful tools for gathering information about targets in the context of ethical hacking. By understanding how to use these tools, you will have a better ability to perform risk analysis and protect information systems.