LAB 3 Perform Data Gathering and Footprinting on a Targeted Website Introduction The first phase of hacking is the footprinting phase, which is designed to passively gain information about a target. In this lab, you will identify a target organization with an Internet website and perform data gathering and footprinting for the site using Internet search tools. You will collect public domain information about the organizations website by making use of Google hacking techniques, downloading the Sam Spade reconnaissance-gathering tool, and using nslookup and tracert, similar DOS command tools packages with Microsoft Windows. You also will research public domain sites such as IANAs WHOIS tool to obtain public domain information about the targeted website. Finally, you will record the information you uncover in a research paper, describing how this information can make an organization vulnerable to hackers. The purpose of this lab is to share common techniques used by both black- and white-hat hackers to expose vulnerabilities. As such, you should recognize that as with any hacking activity, it may take several tries to uncover a truly vulnerable organization.

LAB 3 Perform Data Gathering and Footprinting on a Targeted Website Introduction The first phase of hacking is the footprinting phase, which is designed to passively gain information about a target. In this lab, you will identify a target organization with an Internet website and perform data gathering and footprinting for the site using Internet search tools. You will collect public domain information about the organizations website by making use of Google hacking techniques, downloading the Sam Spade reconnaissance-gathering tool, and using nslookup and tracert, similar DOS command tools packages with Microsoft Windows. You also will research public domain sites such as IANAs WHOIS tool to obtain public domain information about the targeted website. Finally, you will record the information you uncover in a research paper, describing how this information can make an organization vulnerable to hackers. The purpose of this lab is to share common techniques used by both black- and white-hat hackers to expose vulnerabilities. As such, you should recognize that as with any hacking activity, it may take several tries to uncover a truly vulnerable organization. Many organizations closely monitor their websites for any activity that might indicate hacking. Know too, that Google hacking does not work on every site on the Internet and that sometimes the best results come from smaller, local companies that are less likely to employ effective monitoring. This lab is a paper-based design lab and does not require use of the Virtual Security Cloud Lab (VSCL). To successfully complete the deliverables for this lab, you will need access to a text editor or word processor, such as Microsoft Word. For some labs, you may also need access to a graphics line drawing application, such as Visio or PowerPoint.

Assignment 2 Grading Criteria
*Performed live data gathering and footprinting of a targeted organization and its website.
*Gathered valuable public domain information about the targeted organization and its website.
*Assessed what information is available publicly and what information should not be in the public domain for that organization.
*Performed research on Google hacking to identify useful known user logons and passwords and other website vulnerabilities.