Accessing error pages or unintentionally exposed pages (that should belong on the company intranet) can provide valuable intelligence about the systems that the company uses. While many of these sites may be deliberately intended for public consumption and others may be protected by login pages, the possibility exists that some are unintentionally exposed to the internet. į is one example of a variety of different websites designed to help identify websites that belong to an organization. By using specialized Google queries (Google Dorking), it’s also possible to search for files that were not intentionally exposed to the internet but still publicly available as well. The organization’s website, especially its career page, can provide details of the types of systems used in the network. The information that an organization posts online can provide a massive amount of information about their network.
One potential application of Google is for performing passive reconnaissance about a target. Google can provide a vast amount of information on a variety of different topics.
#Network hacking tools software#
Captured traffic may also include version information of servers, allowing a hacker to identify potentially vulnerable software that can be exploited. If an attacker can gain access to an organization’s Wi-Fi network or otherwise eavesdrop on the network traffic of an employee (e.g., by eavesdropping on traffic in a coffee shop), analyzing it in Wireshark can provide a great deal of useful intelligence about the target network.īy passively eavesdropping on traffic, a hacker may be able to map IP addresses of computers within the organization’s network and determine their purposes based on the traffic flowing to and from them. Wireshark is best known as a network traffic analysis tool, but it can also be invaluable for passive network reconnaissance. The tools used for passive reconnaissance take advantage of unintentional data leaks from an organization to provide the hacker with insight into the internals of the organization’s network. In passive reconnaissance, the hacker never interacts directly with the target’s network.