Footprinting is the process of accumulating data regarding a specific network environment for
the purpose of revealing system vulnerabilities. It is considered to be the first step in hacking.
Reconnaissance is the process of gathering data or a preliminary inspection of an area of interest
over a short period of time. The objective is to map the target network or collect all possible
information about the intended target by probing the target network completely.
In this chapter, we will discuss the role of footprinting and reconnaissance in information
security.
2.1 Understand the term footprinting
Exam Focus: Understand the term footprinting. Objective includes:
Recognize the role of search engines in footprinting.
Understand the role of financial Websites in footprinting.
Understand competitive intelligence and its need.
Understand DNS enumeration.
Understand Whois.
Learn different types of DNS records.
Footprinting
Footprinting is the process of gathering data regarding a specific computer network. An
organization should regularly footprint their network, or risk attackers doing it for them!
Footprinting is the first step in information gathering of hackers. They use footprinting to learn
about all aspects of their target organization including their remote access capabilities, types of
platforms, intranet and extranet presence, security protocols, and so on. Successful hackers use
footprinting to create an information database about your company's security weaknesses.
If an organization wants to protect their systems from attacks, they must take measures to thwart
potential attacks. They must conduct their own footprinting to find ways to intrude into their
environment. Going through the process of footprinting can reveal system vulnerabilities and
help put in measures and processes to minimize or eliminate their exploitation.
Footprinting uses various security techniques such as DNS queries, Network enumeration,
Network queries, Operating system identification, Organizational queries, Ping sweeps, Point of
contact queries, Port Scanning, and Registrar queries (WHOIS queries) to collect their
information.
Types of information gathered by footprinting
Footprinting collects domain names and associated networks related to a specific organization. It
also collects system information, such as user and group names, system banners, routing tables,
SNMP information, system architecture, remote system type, system names, and passwords.
Other information obtained may include learning the Internet technologies being used; the
operating system and hardware being used; platforms used, IP addresses; e-mail addresses and
phone numbers; and policies and procedures.
Here's a summarized list of information collected by footprinting:
Domain name
Internet domain names
Network blocks
IP addresses of the reachable systems
Rogue Websites/ private Websites
TCP and UDP services running
Networking protocols
VPN points
ACLs
IDSes running
Analog/digital telephone numbers
Authentication mechanisms
The operating system being used in the network, platforms used, and the current version of web
servers.
Steps included in footprinting
The EC-Council divides footprinting (and scanning) into seven basic steps:
1.
2.
3.
4.
5.
6.
7.
Information gathering
Determining network range
Identifying active machines
Finding open ports and applications
OS fingerprinting
Fingerprinting services
Mapping the network
Footprinting sources
There a variety of techniques employed by footprinting to gather system information:
Open source or passive information gathering: Gathers information regarding a target
from the publicity accessible sources.
Active information gathering: Collects information via social engineering on-site visits,
interviews, and questionnaires.
Anonymous footprinting: Collects information from sources where it is not possible to
identify or trace the author of the information.
Pseudonymous footprinting: Gathers information that might be published under a
different name in an attempt to preserve privacy.
Organizational or private footprinting: Gathers information from an organization's
web-based calendar and email services.
Internet footprinting: Gathers information regarding a target from the Internet.
Competitive footprinting: Gathers information on when the company began, how it
developed, where resources are placed and who controls those resources.
WHOIS footprinting: Is the quick way to get technical and administrative contacts
(phone, e-mail, location) as well as Domain Name Servers, NetRange, etc.
DNS footprinting: Takes place when a hacker obtains DNS zone information from the
DNS server to gather naming and IP information for resources within the network.
Network footprinting: Collects information about a company's network. Active and
passive are two types of network footprinting. Passive footprinting involves viewing the
company's website. Active footprinting involves gathering information through social
engineering.
Website and email footprinting: In Website footprinting, a user can make a mirror copy
of a Website and download the full Website. After this, the user can look for emails,
phone numbers, and employee details if they are present in the Website by digging the
full Website.
Google hacking: Involves using advanced operators in the Google search engine to
locate specific strings of text within search results.
Actions for a footprinting attack
The attacker/hacker/penetration tester needs to perform the following actions for a footprinting
attack:
Finding companies external and internal URLs: An attacker can find a company's
URL using various types of tools, such as Google search engine, various types of news
groups, blogs for sensitive data, etc.
Internal URLs provide an insight into different departments and business units in an
organization. You can also use trial and error methods.
The following tools can be used to search internal URLs:
o http://news.netcraft.com
o http://www.webmaster-a.com/link-extractor-internal.php
Performing whois lookup: The attacker can use whois queries to determine the IP
address ranges associated with clients. A whois query can be run on most UNIX
environments. In a Windows environment, the tools such as WsPingPro and Sam Spade
can be used to perform whois queries. Whois queries can also be executed over the Web
from www.arin.net and www.networksolutions.com.
Extracting DNS information: The Domain Name System (DNS) is a hierarchical
distributed naming system connected to the Internet or a private network. It translates
domain names meaningful to humans into the numerical identifiers associated.
Mirroring the entire Website: Website mirroring is a type of information gathering
attack in which an attacker downloads a copy of an entire Website to the local hard disk
for footprinting.
Searching in Google for personal information of employees: The attacker/penetration
tester can use Google, Yahoo people search, Yahoo finance, Google finance,
Anacubis.com, people-search-america.com, bestpeoplesearch.com, etc.
Locating the network range: In this type of footprinting attack, the attacker finds the
range of IP addresses and discerns the subnet mask.
Analyzing companies' infrastructure details from job postings: In this type of
footprinting attack, the hacker/penetration tester can gather company's infrastructure
details from job postings. Job posting sites can be helpful in determining job
requirements, employee profile, hardware information, software information, etc. For
example, a job posting like "looking for system administrator to manage Solaris 15
network.
Tracking email: E-mail tracking is a method for monitoring the e-mail delivery to the
intended recipient.
Why do attackers use proxy servers?
Attackers use proxy servers due to the following reasons:
Hide the source IP address so that an attacker can hack without any legal corollary.
Remotely access intranets and other Website resources that are normally off limits.
Interrupt all the requests that are sent by an attacker and transmit them to a third
destination; hence, victims will only be able to identify the proxy server address.
Make difficult for administrators to trace the real source of task by using multiple proxy
servers for scanning and attacking.
Footprinting through search engines
Search engines are used for extracting information regarding the target such as technology
platforms, employee details, login pages, intranet portals, etc. This helps attackers in performing
social engineering and other types of advanced system attacks. The sensitive information that has
been removed from the World Wide Web (WWW) can be provided by search engine cache.
Google Earth is used to obtain the location.
Search for a company's information
A company's information should be searched in major search engines, such as Google or Bing.
Complex keywords should be used to search about the company. The following information is
searched:
Updates made to the Website
Employee database
Press release
Contact information
The following techniques are used to search the information:
Extract archive and mirror Website
Search the web
People search
Competitive intelligence
The role of financial Websites in footprinting
Financial Websites, such as Google Finance and Yahoo Finance, can be used to gather
information. A company's infrastructure details can be gathered from job postings. In job
posting, you can look for the job requirements, employee's profile, hardware information, and
software information.
Competitive intelligence
Competitive intelligence is the process of identifying, gathering, analyzing, verifying, and using
information about your competitors from resources such as the Internet. It is non-interfering and
subtle in nature. The following steps should be taken during competitive intelligence gathering:
1.
2.
3.
4.
5.
Compare your product with your competitor's offering.
Analyze your market positioning compared to the competitors.
Pull up a list of competing companies in the market.
Extract salespersons' war stories on how deals are won and lost in the competitive arena.
Produce a profile of the CEO and the entire management staff of the competitor.
During competitive intelligence, you should try to find out where the company is located, when
did the company begin, who leads the company, what are the company plans, and how the
company is developed.
DNS enumeration
DNS enumeration is the process used to locate all DNS servers and their corresponding records
for an organization. A company may have both internal and external DNS servers that can
deliver information such as usernames, computer names, and IP addresses of potential target
systems. Tools such as NSlookup, DNSstuff, American Registry for Internet Numbers (ARIN),
and Whois can be used to gain information for performing DNS enumeration.
Tools used in extracting DNS information
An attacker can use the following tools to extract DNS information:
DIG: Domain Information Groper (DIG) is a network tool, like nslookup, that queries
DNS name servers. It can be used to simulate a DNS resolver or a name server. The dig
command can be used for network troubleshooting also.
NSLOOKUP: NSLOOKUP is a tool for diagnosing and troubleshooting Domain Name
System (DNS) problems. It performs its function by sending queries to the DNS server
and obtaining detailed responses at the command prompt.
SpiderFoot: SpiderFoot is a domain footprinting tool that searches Google, Netcraft,
DNS, Whois and Websites to build up lists of information. It also gives the information
about subdomains, affiliates, Web server versions, users, similar domains, email
addresses, netblocks, etc.
dnsstuff.com: dnsstuff.com can be used to search DNS information such as mail server
extensions and IP addresses.
WHOIS databases
WHOIS databases contain the personal information of domain owners. Regional Internet
Registry maintains WHOIS databases. Attackers look for physical location, telephone number,
email address, and technical and administrative contacts. The WHOIS query returns domain
name details, contact details of domain owner, domain name servers, and NetRange. AfriNIC,
ARIN, APNIC, LACNIC, and RIPE NCC are Regional Internet Registries. The following are
WHOIS lookup tools:
http://www.tamos.com
http://netcraft.com
http://www.whois.net
http://www.iptools.com
SmartWhois
SmartWhois is a useful network infrastructure utility. It is used to look up all the available
information regarding an IP address, hostname, or domain. It also provides information about
country, state or province, city, name of the network provider, administrator, and technical
support contact information.
DNS records
A DNS record contains all the necessary DNS information about the host such as FQDNS, ip
addresses, mail server records, etc. Basically, DNS records provide essential information about
the location and type of servers. The following are DNS record types:
A: It points to a host's IP address.
MX: It points to domain's mail server.
NS: It points to host's name server.
CNAME: It is a canonical name record. It is an alias of one name to another.
SOA: It indicates authority for domain.
SRV: It is a generalized service location record.
PTR: It maps IP address to a hostname.
RP: It represents a responsible person.
HINFO: It is a host information record. It includes CPU type and OS.
The following are DNS interrogation tools:
http://www.dnsstuff.com
http://network-tools.com
http://www.checkdns.net
http://www.iptools.com
2.2 Understand how traceroute is used in footprinting
Exam Focus: Understand how traceroute is used in footprinting. Objective includes:
Traceroute
Traceroute analysis
Traceroute
Traceroute is a route-tracing utility that displays the path an IP packet takes to reach its
destination. It uses Internet Control Message Protocol (ICMP) echo packets to display the Fully
Qualified Domain Name (FQDN) and the IP address of each gateway along the route to the
remote host. Traceroute sends out a packet to the destination computer with the TTL field value
of 1. When the first router in the path receives the packet, it decrements the TTL value by 1. If
the TTL value is zero, it discards the packet and sends a message back to the originating host to
inform it that the packet has been discarded. Traceroute records the IP address and DNS name of
that router, and sends another packet with a TTL value of 2. This packet goes through the first
router, and then times out at the next router in the path. The second router also sends an error
message back to the originating host. Now, the process starts once again and traceroute continues
to send data packets with incremented TTL values until a packet finally reaches the target host,
or until it decides that the host is unreachable. In the whole process, traceroute also records the
time taken for a round trip for each packet at each router.
Traceroute programs work on the concept of the ICMP protocol and discover the routers on the
path to a target host by using the TTL field in the header of ICMP packets.
Traceroute analysis
Attackers conduct traceroute in order to extract information about the network topology, trusted
routers, and firewall locations. For example, an attacker might get the following information
after running several traceroutes:
traceroute 1.10.10.20, second to last hop is 1.10.10.1
traceroute 1.10.20.10, third to last hop is 1.10.10.1z
traceroute 1.10.20.10, second to last hop is 1.10.10.50
traceroute 1.10.20.15, third to last hop is 1.10.10.1
traceroute 1.10.20.15, second to last hop is 1.10.10.50
Attackers can draw the network diagram by using the above information together.
Tools used in locating the network range
The tools used in the locating network range are as follows:
Traceroute: As we just learned, traceroute is a route-tracing utility that displays the path
an IP packet takes to reach its destination. It uses Internet Control Message Protocol
(ICMP) echo packets to display the Fully Qualified Domain Name (FQDN) and the IP
address of each gateway along the route to the remote host.
NeoTrace: NeoTrace shows the hacker/penetration tester how packets get from the host
to target server on the Internet by displaying all nodes between the host and the trace
target.
VisualRoute: VisualRoute performs fullhope traceroute, reverse tracing, giving hope
response time, packet loss reporting, performing reverse DNS, ping plotting, port
probing, network scanning, etc.
2.3 Google hacking, Website mirroring, and email tracking
Exam Focus: Google hacking, Website mirroring, and email tracking. Objective includes:
Understand Google hacking and its tools.
Learn the Website mirroring tools.
Understand how e-mail tracking works.
Learn the countermeasures to be taken in footprinting.
Understand pen testing.
Google hacking
Google hacking is a computer hacking technique that uses Google search and other Google
applications to find security holes in the configuration and computer code that Web sites use.
Google hacking involves using advanced operators in the Google search engine to locate specific
strings of text within search results. For example, the following search query would locate all
Web pages that have that particular text contained within them. It is normal for default
installations of applications to include their running version in every page they serve, e.g.,
intext:"Powered by XOOPS 2.2.3 Final".
One can even retrieve the username and password list from Microsoft FrontPage servers
by inputting the following microscript in Google search field:
"#-Frontpage-" inurl:administrators.pwd
The intitle Google search query operator is used to search sites having specific key terms.
For example, you will use the intitle:Sample.page.for.Apache Apache.Hook.Function
search query to get all Apache Web servers having version 2.0.
The filetype Google search query operator is used to search a specified file type. For
example, if you want to search all pdf files having the word hacking, you will use the
search query filetype:pdf pdf hacking.
The "filetype:pdf "Assessment Report" nessus" is used to search the assessment report of
nessus.
The inanchor operator searches the text representation of a link, not the actual URL. The
inanchor operator helps search the anchor, or the displayed text on the link.
What can a hacker do with Google hacking?
A hacker can do the following with Google hacking:
Identify advisories and server vulnerabilities.
Identify error messages that contain sensitive information.
Identify files containing passwords.
Identify sensitive information.
Identify pages containing logon portals.
Identify pages containing network or vulnerability data.
Footprinting using Google hacking techniques
The following are Google hacking techniques used in footprinting:
Query string: Google hacking is the art of creating complex search engine queries.
Vulnerability sites: Google hacking detects Websites that are vulnerable to several
exploits and vulnerabilities.
Google operators: Google hacking uses Google operators to find particular strings of
text within the search results.
Google Hacking Database
The Google Hacking Database is a database list of queries that expose known issues with
software that runs Websites. There are some bugs that expose information that a developer might
not want the public reading (passwords, etc.). It can be used to gather the following information:
Advisories and Vulnerabilities
Error Messages
Files containing juicy info
Files containing passwords
Files containing usernames
Queries that can help a hacker gain a foothold into a web server
Pages containing login portals
Pages containing network or vulnerability data
Sensitive Directories
Sensitive Online Shopping Info
Various Online Devices
Vulnerable Files
Vulnerable Servers
Web Server Detection
Google hacking tools
Google offers several hacking tools:
MetaGoofil: It is an information gathering tool used to extract metadata of public
documents (pdf, doc, xls, ppt, docx, pptx, xlsx) that belong to a target company. It will
perform a search in Google in order to identify and download the documents to local disk
and will extract the metadata with different libraries.
Google Cartography: It uses the Google Search API in order to build a visual
representation of the interconnectivity of streets in an area.
Goolink Scanner: It only gathers and displays the links and removes the cache
information from your searches. It is useful for finding vulnerable sites that are wide
open to Google and Googlebots.
Google Hack Honeypot: It is used to provide reconnaissance against attackers that use
search engines as hacking tool against resources.
SiteDigger: It searches Google's cache to look for vulnerabilities, errors, configuration
issues, proprietary information, and interesting security nuggets on Websites.
GMapCatcher: It is an offline maps viewer. It can display maps from many providers
such as: CloudMade, OpenStreetMap, Yahoo Maps, Bing Maps, Nokia Maps, SkyVector,
and Google Map. It displays them using a custom GUI.
Google Hacks: It is used to see the timeline of search results, view a map, search for
music, search for books, and perform many other specific kinds of searches. It can also be
used to use Google as a proxy.
Website mirroring
Website mirroring is a process in which an attacker mirrors the Website to get juicy information
in Website, to make a clone of the Website for future study, etc. Web mirroring tools permit you
to download a Website to a local directory. You can recursively build all directories, HTML,
images, flash, video, and other files from the server to your computer. The following tools are
used to mirror an entire Website:
Wget
Website Ripper Copier
Webripper
BlackWidow
WinWSD
Reamweaver
xaldon webspider 2
Teleport Pro
The following are some important tools used to mirror the entire Website:
Web The Ripper: It is a Website mirroring tool that can download the whole Website
into a password protected the ZIP file. Web The Ripper maintains unique filenames to
avoid the same file name from being overwritten.
HTTrack: It is a Website mirroring tool that allows downloading a Website from the
Internet to a local directory, building recursively all directories, getting html, images, etc.
It arranges the original site's relative link-structure. It can update an existing mirrored
site, and resume interrupted downloads.
Email Tracking
E-mail tracking is a method for monitoring e-mail delivery to the intended recipient. Most
tracking technologies utilize some form of digitally time-stamped record to reveal the exact time
and date that your e-mail was received or opened, as well the IP address of the recipient.
E-mail tracking is useful when the sender wants to know if the intended recipient actually
received the e-mail, or if they clicked the links. However, due to the nature of the technology, email tracking cannot be considered an absolutely accurate indicator that a message was opened
or read by the recipient. Email tracking tools can be used to perform the following tasks:
Gathering information of when the email was received or read
Sending destructive emails
Getting GPS location and maps of the recipient
Finding time taken in reading email
Checking whether victim visited to links given in the email or not
Tracking PDF and other attachment information
Setting message to expire after a specified time.
The following are email tracking tools:
VisualRoute Trace: It is a graphical tool that determines where and how traffic is
flowing on the route between the desired destination and the user trying to access it. It
does this by providing a geographical map of the route and performance on each portion
of that route.
GEOSpider: It is used to trace, identify and monitor the network activity on world map.
It can be used to trace any website or IP address on the map.
vTrace: It is a software for fast getting a lot of information about target host {visual
traceroute from your host, IANA information (WhoIs, ASN for BGP systems), DNS
records (like nslookup or DIG), geographical placement, open TCP ports (simple port
scanner)...}, and also few information about your machine.
Magic NetTrace: It reveals the entire ip trace route from you to any place in the Web. It
is useful in resolving connectivity problems and finding out where the spam goes from.
Visual IP Trace: It is used to trace an IP address or web site back to its origin/location.
Email threats to information security
There are a variety of threats to information security whose source is email. Here are a few that
we will be discussing in some detail:
Mail bombing
E-mail storm
E-mail spoofing
Mail bombing
Mail bombing is an attack that is used to overwhelm mail servers and clients by sending a large
number of unwanted e-mails. The aim of this type of attack is to completely fill the recipient's
hard disk with immense, useless files, causing at best irritation, and at worst total computer
failure. E-mail filtering and properly configuring email relay functionality on mail servers can be
helpful for protection against this type of attack.
E-mail storm
An e-mail storm is a sudden spike of Reply All messages on an e-mail distribution list, usually
caused by a controversial or misdirected message. Such storms start when multiple members of
the distribution list reply to the entire list at the same time in response to an instigating message.
Other members soon respond, usually adding vitriol to the discussion, asking to be removed from
the list, or pleading for the cessation of messages. If enough members reply to these unwanted
messages, this triggers a chain reaction of e-mail messages. The sheer load of traffic generated
by these storms can render the e-mail servers carrying them inoperative, similar to a DDoS
attack. Some e-mail viruses also have the capacity to create e-mail storms, by sending copies of
themselves to an infected user's contacts, including distribution lists, infecting the contacts in
turn.
E-mail spoofing
E-mail spoofing is a term used to describe e-mail activity in which the sender address and other
parts of the e-mail header are altered to appear as though the e-mail originated from a different
source. E-mail spoofing is a technique commonly used for spam e-mail and phishing to hide the
origin of an e-mail message. By changing certain properties of the e-mail, such as the From,
Return-Path, and Reply-To fields (which can be found in the message header), ill-intentioned
users can make the e-mail appear to be from someone other than the actual sender. The result is
that, although the e-mail appears to come from the address indicated in the From field, it actually
comes from another source.
Email header
The email header holds information about the origin of the email. This will include the IP
address of the source, the method used to send it, and who is the sender. Each message has
exactly one header, which is structured into fields. Each field has a name and a value. The field
name starts in the first character of the line and ends before the separator character ":". The
separator is then followed by the field value. Field names and values are restricted to 7-bit ASCII
characters. Non-ASCII values may be represented using MIME encoded words.
eMailTrackingPro
eMailTrackerPro is a tool that is used to track received email to find the location, and the
relevant ISP of the target. It uses the advanced header analysis and IP database. It can pin point
the real IP address of the sender and track it down to the town/city the email came from. When a
user uses this tool to send an e-mail, forward an e-mail, reply to an e-mail, or modify an e-mail,
the resulting actions and tracks of the original e-mail are logged. The sender is notified of all
actions performed on the tracked e-mail by an automatically generated e-mail.
MailTracking.com
MailTracking.com is an email tracking tool that can be used to track the receiver of the email. A
user can track the email by adding mailtracking.com to the end of recipients email address or by
installing the ActiveTracker plugin. It can display the date and time the email opened, location of
recipient, map of location, recipient's IP address, referrer details, URL clicks, if the email was
forwarded, or opened on a different computer.
Footprinting countermeasures
The following are footprinting countermeasures:
Configure routers in order to restrict the responses to footprinting requests.
Configure web servers in order to avoid information leakage and disable unwanted
protocols.
Lock the ports with the suitable firewall configuration.
Use an IDS that can be configured in order to refuse suspicious traffic and pick up
footprinting patterns.
Evaluate the information before publishing it on the Website/Internet.
Perform footprinting techniques and remove any sensitive information found.
Prevent search engines from caching a webpage and use anonymous registration services.
Disable directory listings and use split-DNS.
Footprinting pen test
Footprinting pen test is used to find organization's publicly available information on the Internet
such as network architecture and operating systems. The tester tries to collect as much
information as possible about the target organization from the Internet and other publicly
accessible sources. Footprinting pen testing supports administrators in preventing information
leakage, social engineering attempts, and DNS record retrieval from publically available servers.
Steps in footprinting pen testing
The following steps are taken to perform footprinting pen testing:
1. Get proper authorization and define the scope of the assessment.
2. Perform Internet footprinting by using tools such as Web Data Extractor, Link Extractor,
etc.
3. Gather competitive intelligence using tools such as SEC Info, Business Wire, C-SPAN,
etc.
4. Perform WHOIS fingerprinting using tools such as SmartWHOIS, Alchemy Eye, etc.
5. Perform network footprinting using tools such as NetInspector, NsLookup, etc.
6.
7.
8.
9.
Perform Website footprinting using tools such as 3D Traceroute, LoriotPro, etc.
Perform email footprinting using tools such as eMailTrackerPro, PoliteMail, etc.
Perform Google hacking using tools such as GHDB, MetaGoofil, SiteDigger, etc.
Document all the findings at the end of pen testing.
Chapter Summary
In this chapter, we learned about footprinting, its purpose, the tools used in footprinting, tools,
footprinting countermeasures, Pen-testing, and the role of competitive intelligence. We also
discussed DNS records, traceroute, and role of search engines in footprinting.
Glossary
Competitive intelligence
Competitive intelligence is the process of identifying, gathering, analyzing, verifying, and using
information about your competitors from resources such as the Internet.
DNS records
DNS records provide essential information about location and type of servers.
E-mail tracking
E-mail tracking is a method for monitoring e-mail delivery to the intended recipient.
eMailTrackerPro
eMailTrackerPro is a tool that is used to track received email to find the location, and the
relevant ISP of the target.
Footprinting
Footprinting is an information gathering technique that is used to gather information about
computer systems.
Footprinting pen test
Footprinting pen test is used to find organization's publicity available information on the Internet
such as network architecture, operating systems, applications, and users.
Google hacking
Google hacking is a computer hacking technique that uses Google search and other Google
applications to find security holes in the configuration and computer code that Web sites use.
Google Hacking Database
The Google Hacking Database is a database list of queries that expose known issues with
software that runs Websites.
MailTracking.com
MailTracking.com is an email tracking tool that can be used to track the receiver of the email.
Pipl
Pipl can be used for people search. It extracts information about people by using a technique,
known as "the deep web".
Traceroute
Traceroute is a route-tracing utility that displays the path an IP packet takes to reach its
destination.
Web Data Extractor
Web Data Extractor is used to extract targeted company contact data (email, phone, fax) from
web for responsible b2b communication.
Website mirroring
Website mirroring is a process in which an attacker mirrors the Website to get juicy information
in Website, to make a clone of Website for future study, etc.
© Copyright 2026 Paperzz