 |
| information gathering |
Welcome to the first post on Security Fuse and we wish you best of luck for your career and hope you will learn much from our blog.
Information Gathering is the first step of Penetration and Testing in which you have to gather all the information about your target and your aim is to find the weakest point in your target so you can exploit that weakness and vulnerability. By Information Gathering you are able to perform your attack more professionally and success rate increases with the information gathering step and almost every Cyber Security professional performs this step.
According to the famous quote
You must learn new way to think before you can master a new way to be - Marianne WilliamsonSo before starting keep in mind that you should not follow anyone,s ideas but you must always try exploiting in your own unique way.
We can gather information manually too but in this tutorial we will be using a tool in kali linux called " WhatWeb " for information gathering and via this whatweb tool we will be able to collect a tasty information about our targeted server and web application. This tool will dump all the important information which is necessary to launch our attack.
Make sure you have Kali Linux installed in your system because it comes pre-loaded with it and ready to use otherwise you can also install this tool on other linux platforms.
Whatweb
 |
| whatweb |
Open Kali and follow the steps
Steps :-
- Open the terminal in Kali Linux
kali linux
2. Now in the second step type the command to gather information about your target ( i.e server ip or domain )
whatweb securityfuse.comNow when you will enter the command , it will display all the possible information about the web server and web application.
If you want more in-depth information gathering you can also do it with the same tool by entering a customized command which is below.
whatweb -a 3 securityfuse.comOnly by entering -a 3 after whatweb in between the whatweb and target you will get more in-depth information about your target.
 |
| whatweb |
Such information could be seen in the above fig. in which it is showing some tasty information about the target and it is much information about the target necessary for any penterster to penetrate his target and Don't forget to share because sharing is caring.
Visitors are strictly tend to follow the terms and conditions and The content provided on this page is the authority of Security Fuse and the content provided is only for educational purpose. Security Fuse is not responsible for any of the act caused by viewers after reading the content from *.securityfuse.com. our aim is to provide a quality information on Cyber Security and exploitation and the knowledge is only for peace and educational purpose.
well good but kindly explain the outcomes of this command..
ReplyDeleteHi , thanks for sharing your views. you can simply check the image of whatweb command to check the outcome. it gives information about cms , and its versions and etc a tasty information.
DeleteTasty information Hehe
ReplyDeleteHow i get any website information using kali linux
ReplyDeletewhen I write whatweb www.google.com then outcomes"Timed out execution expired" and unassigned. why
ReplyDelete