Learn the various tools available to generate domain and subdomain names for various attacks. Lisa Bock explains generated domain names are used for phishing attacks, and generated subdomains are used with wildcard entries in a brute force attack to get a response from a server for a DNS Zone Transfer.
- [Voiceover] We know that there are…a lot of potential attacks we could launch against DNS…but using a domain name itself…is valuable as well in other attacks.…But we have to generate domain names.…Now we could manually…but there are a lot of domain name generators…out there that will actually check to see if…the domain name that you generated…is already in use.…Alright, so take a look at this.…When generating domain names,…when we're talking about this,…I'll tell you about some of the tools that you can use…but when phishing, spoofing the brand in the hyperlink…may get someone to click on the link.…
Alright, we want to have something more believable.…People are now trained to watch the hyperlink…and make sure they don't click something,…think before you click, right?…So "From Payroll CR@LandonPay.com"…"Date: April 03, 2016"…"Final Reminder Refund"…"Dear Employee,…"We've identified an error in your refund.…"In order to claim your overpayment,…"create an e-Refund account…so the monies can be deposited."…And here you see "Get Started", LandonPay.com.…
Note: Our Ethical Hacking series maps to the 18 parts of the EC-Council's certification exam. This course maps to the 02 Footprinting and Reconnaissance domain.
- Using competitive intelligence
- Hacking with search engines
- Using email for footprinting
- Getting social
- Mirroring websites
- Using Ping, Tracert, nslookup, and dig
- Taking footprinting countermeasures
- Pen testing for footprinting