![]() ![]() proxychains4 metagoofil -d -f -t pdf,doc,xlsĮxiftool # exiftool -r *.doc | egrep -i "Author|Creator|Email|Producer|Template" | sort -u In kali linux the api-keys config file located at /etc/theHarvester/api-keys.yaml Metagoofil(Find Meta File) # Gathers emails, names,subdomain, ips, and urls from public sources. Reference: site: intitle:"Apache HTTP Server" intitle:"documentation" ![]() Searching Google for: site: intitle:"Apache HTTP Server" intitle:"documentation" > options set GHDB_WEB_SERVER_DETECTION true > info recon/domains-vulnerabilities/ghdb > modules load recon/domains-vulnerabilities/ghdb Module installed: recon/domains-vulnerabilities/ghdb > modules load recon/domains-contacts/whois_pocs Module installed: recon/domains-contacts/whois_pocs > marketplace install recon/domains-contacts/whois_pocs Module installed: recon/domains-hosts/netcraft > marketplace install recon/domains-hosts/netcraft But a hacker does not really lots of automated tools! Recon-ng(OSINT Framework) # There are some good open source tools built-in in Kali Linux and some tools needed to be downloaded from Github. A hacker can download the files and use some tools to extract more information such as exiftool -v -f hello.pdf/doc/pngĪutomated tools speed up the OSINT process. When a file is created, automatically some information is stored in the meta data, Such as, Creation date, Location, Username, Information about Software and it’s version used to create the file, etc. Search on country based job posting sites.Popular job posting site such as indeed, glassdor, linkedin, etc.Another open way make a social engineering attack by sending attachments.May be company revealing too much information about their infrastructure. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |