
Footprinting Lab 2 (part-1): metagoofil

Description: In this lab, we will use the metagoofil tool to gather information from a website.
Specifically, we are looking for possible vulnerabilities on the website.

Requirements for the lab: Kali Linux / Parrot OS

Step 1: Launch your Kali virtual machine and log in

Step 2: Launch a Terminal window

Step 3: At the prompt, enter: metagoofil -d hackthissite.org -t pdf,doc,ppt,xls -l 200 -o hackthissite -f

**We are using the evasion switch (-e) and the number 1 (to specify random encoding) to help
us be a little bit stealthier when running the scan. We also use -h to define the hostname or IP
address.

Note: It will take several minutes to run the scan.
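
Files fetched by the scan are untrusted documents, so inventory them before opening anything. The script below is an added example, not part of the original lab or of metagoofil: it lists each file in the output directory with its size and SHA-256 and checks that the leading bytes match the extension. The directory name hackthissite is taken from the -o argument in Step 3; the function name inventory is illustrative.

```python
import hashlib
import sys
from pathlib import Path

# Signature and search window for the types requested with -t pdf,doc,ppt,xls.
OLE2 = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy Office container (doc/ppt/xls)
MAGIC = {
    ".pdf": (b"%PDF-", 1024),  # readers tolerate a few leading bytes before the header
    ".doc": (OLE2, 8),
    ".ppt": (OLE2, 8),
    ".xls": (OLE2, 8),
}


def inventory(out_dir):
    """Return one record per file: name, size, SHA-256 and a type verdict."""
    records = []
    for path in sorted(Path(out_dir).iterdir()):
        if not path.is_file():
            continue
        data = path.read_bytes()
        rule = MAGIC.get(path.suffix.lower())
        if rule is None:
            verdict = "unchecked"   # any other type, e.g. a .txt file
        elif rule[0] in data[:rule[1]]:
            verdict = "ok"
        else:
            verdict = "mismatch"    # e.g. an HTML error page saved under a document name
        records.append({
            "name": path.name,
            "size": len(data),
            "sha256": hashlib.sha256(data).hexdigest(),
            "verdict": verdict,
        })
    return records


if __name__ == "__main__":
    # Assumption: the output directory name from "-o hackthissite".
    target = sys.argv[1] if len(sys.argv) > 1 else "hackthissite"
    for rec in inventory(target):
        print(f'{rec["verdict"]:9} {rec["size"]:>9} {rec["sha256"][:16]}  {rec["name"]}')
```

Files reported as "mismatch" are not the document type their name claims and are worth noting when answering Question 1.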

Question 1: Do you see any downloaded files from the website?

If yes, please write some of them below:

Question 2: What are the contents of the .txt file that you have gathered?

Footprinting Lab 2 (part-2): Maltego


Description: In this lab, we are going to use a tool called Maltego. Maltego is an open-source
intelligence and forensics application that helps you get more accurate information in a
smarter way. In simple words, it is an information-gathering tool. You can read more
about it here: https://tools.kali.org/information-gathering/maltego-teeth

Requirements for the lab: Kali Linux / Parrot OS

Step 1: Launch your Kali / Parrot OS machine and log in

Step 2: Open Maltego from the tools available in Kali and Parrot OS

Step 3: At the prompt, run the CE version of Maltego. In this experiment, we will be using the
haveibeenpwned.com database, so make sure that this integration is available in Maltego.

Step 4: Create a new graph, select Domain as the entity from the entity panel, and then use any
domain like linkedin.com (Note: Don't use it on some govt. domains). After that, right-click on the
domain that you have chosen as a target and run all the transformations related to e-mails.

Step 5: After you get all the email IDs, select them and run the breach transformation.

Step 6: After you get all the breaches, select any one of them and enrich it by running the enrich
transformation.

Question 1: Were you able to see any breaches related to any email ID? If yes, write at least
three of them here

Question 2: What other information did you find?
