Stefan Bargan

What is Website Footprinting?

In cybersecurity, footprinting refers to the process of collecting as much information as possible about the target in order to find vulnerabilities or a way to gain access.

hackthissite.org

What information can we gather by visiting the target website?

This is probably the easiest part of website footprinting, as it does not require a lot of skill; think of it as a bit of OSINT (Open Source Intelligence). Below are a few things that you can come across by visiting the website:

  • The operating system being used
  • Sub-directories and parameters
  • Filenames, paths, database field names, or queries (path traversal?)
  • Software used and its version (CVEs? Outdated software?)
  • Scripting platforms
  • Contact details and CMS (Content Management System) details

Examining the HTML source code?

For this part, it would be best that you know some HTML (HyperText Markup Language), and maybe some PHP and JavaScript as well. Examining the HTML code can reveal some interesting bits about the website, which are outlined below:

  • Comments in the source code (HTML, mainly)
  • The File System Structure
  • The Script Types
  • Contact details of the web developer or the admin (weak credentials or some Social Engineering?)

Examining the cookies?

Examining the cookies of the website might not be the most fun thing, but you might be able to find a vulnerability within them. Cookies can also reveal the following:

  • Scripting platforms that are being used
  • Software in use and its behaviour
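The items listed so far (software versions, comments in the HTML source, platform-revealing cookies) can be checked on your own site's responses so they can be removed. The following is an added example, not code from the original article; the `audit_response` function, the cookie-name table and the sample response are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Default session cookie names and the platform each one implies (illustrative subset).
COOKIE_PLATFORMS = {"PHPSESSID": "PHP", "JSESSIONID": "Java servlet container",
                    "ASP.NET_SessionId": "ASP.NET"}
VERSIONED_HEADERS = ("server", "x-powered-by")

class SourceAudit(HTMLParser):
    """Collects HTML comments and the <meta name="generator"> value."""
    def __init__(self):
        super().__init__()
        self.comments, self.generator = [], None
    def handle_comment(self, data):
        self.comments.append(data.strip())

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "meta" and (a.get("name") or "").lower() == "generator":
            self.generator = a.get("content")

def audit_response(raw):
    """Return (category, detail) findings for one raw HTTP response."""
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    findings = []
    for line in head.splitlines()[1:]:  # skip the status line
        name, _, value = line.partition(":")
        name, value = name.strip().lower(), value.strip()
        if name in VERSIONED_HEADERS and re.search(r"\d+\.\d+", value):
            findings.append(("header-version", f"{name}: {value}"))
        elif name == "set-cookie" and (c := value.split("=", 1)[0]) in COOKIE_PLATFORMS:
            findings.append(("cookie-platform", f"{c} ({COOKIE_PLATFORMS[c]})"))
    parser = SourceAudit()
    parser.feed(body)
    findings += [("html-comment", c) for c in parser.comments if c]
    if parser.generator:
        findings.append(("meta-generator", parser.generator))
    return findings

# Constructed sample response, not captured from any real site.
SAMPLE = (
    "HTTP/1.1 200 OK\nServer: Apache/2.4.41 (Ubuntu)\nX-Powered-By: PHP/7.4.3\n"
    "Set-Cookie: PHPSESSID=abc123; path=/\n\n"
    '<html><head><meta name="generator" content="WordPress 5.8"></head>\n'
    "<body><!-- TODO: remove /backup/ before launch --><p>Hi</p></body></html>\n"
)

if __name__ == "__main__":
    print(*audit_response(SAMPLE), sep="\n")
```

Each finding maps to a fix on the server side: suppress version strings in headers, rename default session cookies, and strip comments and generator tags from production pages.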

Using specialized tools?

Tools can help you gather data a lot faster and collect more specific data, but this is a less passive way of doing website footprinting. Below, I have listed a few tools that can be used for website footprinting:

  • Burp Suite (Great Tool)
  • Zaproxy
  • Paros Proxy
  • Website Informer
  • WPScan (WordPress Website Scanner, it requires an account to find WordPress Vulnerabilities)
  • Nikto

Web Spiders?

Web Spiders will perform an automated search on the target website and collect specific information that is available on the website. An attacker might use web spiders to collect specific information and maybe go for a Social Engineering attack.

Website Mirroring?

Not as common anymore, but it is still a great method if you want to explore the website offline. Offline testing can be safer than online testing of vulnerabilities. You will also be able to scan the directory structure without sending multiple requests to the web server (this might reveal your intentions).

And with that, my article about Website Footprinting is finished. If I missed anything important about the website, then please let me know in the comments below.

Thank you for reading my Medium Article!
