Website Footprinting includes monitoring and investigating about the target organization's official website for gaining information such as Software running, versions of these software’s, operating systems, Sub-directories, database, scripting information, and other details. This information can be gathered by online service as defined earlier like netcraft.com or by using software such as Burp Suite, Zaproxy, Website Informer, Firebug, and others. These tools can bring information like connection type and status and last modification information. By getting these type of information, an attacker can examine source code, developer’s details, file system structure and scripting.
Determining the Operating System Using websites such as Netcraft.com can also help in searching for Operating systems that are in use by the targeted organizations. Go to the website netcraft.com and enter the target organization’s official URL.
The result brings all websites related to the domain of that organization including operating system information and other information. If you enter a complete URL, it shows the in-depth detail of that particular website.
Another popular website for searching the detailed information regarding websites is Shodan, i.e. shodan.io. SHODAN search engine lets you find connected devices such as router, servers, IoT & other devices by using a variety of filters.
Go to the following URL
A search of the CSR1000v device brings 416 results along with IP addresses, Cisco IOS software version information, location information and others details.
Website Footprinting using Web Spiders Web Spiders or Web Crawlers are the internet bots that are used to perform systematic, automated browsing on World Wide Web. This browsing is targeted to a website to gather specific information such as names, email addresses.
Mirroring Entire Website Mirroring a website is the process to mirror the entire website in the local system. Downloading entire website onto the system enables the attacker to use, inspect the website, directories, structure and to find other vulnerabilities from this downloaded mirrored website copy in an offline environment. Instead of sending multiple copies to a web server, this is a way to find vulnerabilities on a website. Mirroring tools are available which can download a website. Additionally, they are capable of building all directories, HTML and other files from the server to a local directory.
Website Mirroring Tools Website mirroring tools includes some applications that offer Website mirroring. Some of these tools include: -
Win HTTrack Website Copier
Surf offline Professional
Website Ripper Copier
Portable Offline Browser
Offline Explorer Enterprise
Table - Website Mirroring Tools
Extract Website Information Archive.com is an online service that provides an archived version of websites. The result consists of a summary of the website including Summary on MIME-type Count, Summary for TLD/HOST/Domain, a sitemap of website and dates, Calendar view and other information.
Extracting Information using the Wayback machine
- Go to the following URL:
Search for a target website.
Select Year from the calendar.
Select date from the highlighted dates.
You will see the the snapshot of the website on the selected date.
Monitoring Web Updates Website-Watcher and other available tools offer website monitoring. These tools automatically check for updates and changes made to target websites.
Some other Website Monitoring Tools are: -
Follow That Page
Watch That Page