Cyber Security Lab - Experiment 5


SHRI VISHNU ENGINEERING COLLEGE FOR WOMEN

(Autonomous)
Department of Computer Science and Engineering

Experiment No 5: Perform practical approach to implement Footprinting - Gathering target
information using Dmitry-Dmagic, UA tester
Description:
What is Footprinting?
Footprinting can be described as pre-hacking: it is the activity the hacker performs
before hacking. Footprinting is the process of gathering information on the targeted system
before performing the actual hacking. The hacker can use any tool or source to gather
information on the targeted system and, after gathering it, performs the hack.
There are two types of footprinting:
Active Footprinting - the process of gathering information by getting in direct contact
with the targeted system.
Passive Footprinting - the process of gathering information at a remote distance from the
targeted system.
The following types of information can be gathered, actively or passively, through
footprinting:
1. Operating system of the system that has to be targeted
2. Firewall
3. IP address
4. Network map
5. Email ID and password
6. Server configurations

Types of footprinting:
1. Whois Footprinting
Whois.com is a website that gives you the details of domain names: the owner of the
domain, domain ID, domain name, creation and update dates, admin name, name servers, and
many more details that hackers can collect before performing hacking. You can stay safe by
adding a privacy protection service when buying a domain name, which the majority of us
ignore. With privacy protection, your domain information will not be shown anywhere, such
as on whois.com. We will learn more about WHOIS in the next chapter.
Website: https://www.whois.com/
2. Website Footprinting
Website footprinting is when the hacker visits the targeted website and gathers
information such as email addresses, partners, addresses, contacts, etc. Further, they find
errors in websites by putting invalid codes anywhere in the comment box or search box. Those
errors can reveal much about a website, such as its scripting, server, type of software used,
and many more details which hackers collect. Furthermore, hackers also copy those websites
in offline mode and look out for errors on the websites, which they can exploit. This is also
called mirroring website footprinting.

They use several tools for performing this act, such as:
1. Website Ripper Copier
2. Teleport Pro
3. Imiser Research Assistant
4. HTTrack
They also use websites such as archive.org (the Wayback Machine) and Website Watcher to
gather information about websites.
3. Email Footprinting
Email footprinting is when a hacker learns the email ID of the targeted victim and then
gathers information through that email address.
4. Search Engine (Google dorks Footprinting)
Hackers use dorks to find vulnerabilities or errors in a website, then exploit them and hack
the site through SQL injection. There are also some tools like metagoofil, bilesuite and gmail
which hackers use to gather information.
Ex: intitle:, inurl:, intext:
5. DNS Footprinting
The DNS (Domain Name System) records of a website can reveal information such as which
email services are being used. DNS footprinting is done by hackers to enumerate DNS record
details and types of servers. Hackers use many tools for DNS footprinting, such as Domain
Dossier, YouGetSignal and DNSdumpster. These are some of the types of footprinting that are
usually done by hackers. There are many others, but the ones above are the most commonly
used.
6. Social Network Footprinting
Social networking sites contain email addresses, phone numbers and other information
which can be useful in the information-gathering process.
7. Social Engineering Footprinting
Social engineering is the deliberate, planned manipulation of individuals for the purpose of
any kind of fraud, whether online or offline. It mainly involves manipulating people in such
a way that they reveal sensitive information that can be used to initiate hacking attacks.
The fraud can be purely computer-based, or a mix of online and offline activities used to
deceive or compromise an individual or a group of people.
Wayback Machine - The Wayback Machine has all the archives of the websites present on the
internet. You can navigate to the Wayback Machine website, enter the URL of any website
you are looking for information on, and select a date range. The Wayback Machine will
deliver the archived website for that particular date range. We will cover the Wayback
Machine in detail in the next chapter.

Website: https://web.archive.org/

1. Dmitry
Dmitry is a command-line tool for gathering information about a target host. It performs both
passive and active reconnaissance, helping ethical hackers and penetration testers
understand their target's publicly accessible data.
Key Features:
• WHOIS Lookup: Retrieves domain registration info like owner name, registrar, expiry, etc.
• Netcraft.com Information: Fetches data from Netcraft, such as hosting provider and OS.
• Subdomain Search: Identifies possible subdomains of the target domain.
• Email Address Search: Attempts to find publicly listed email addresses related to the
  domain.
• TCP Port Scanning: Detects open ports on the target server.
• Banner Grabbing: Captures service banners to determine software/versions running on open
  ports.
• Output File: Saves all results into a text file for documentation or further analysis.
2. Dmagic
Dmagic is not an officially maintained Linux tool, but commonly refers to custom or
community-created recon tools that bundle utilities like Dmitry, Nmap, Whois, DNS
lookup, and others into one script or toolkit.
Sometimes, it refers to a bash or Python wrapper that runs a sequence of reconnaissance
commands automatically on a given target.
Common Capabilities:
• Runs Dmitry with predefined arguments
• Adds Nmap scans for detailed port/service detection
• Performs DNS lookups
• Gathers email, domain registration, and SSL cert info
• May include automated reporting

3. UAtester
UAtester is a Python-based tool that tests how a web server responds to various User-Agent
(UA) strings. It's useful in analyzing how websites behave for different clients and detecting
firewalls, filters, or bot protections.
Key Features:
• Sends requests to a target website with various user-agents (like Chrome, Firefox,
  Googlebot, etc.)
• Detects whether certain UA strings are blocked, redirected, or treated differently
• Helps identify WAF (Web Application Firewall) behavior
• Aids in bypassing user-agent filters during testing
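
Added example (not part of the original lab sheet or of UAtester): a defender-side check that
flags the request pattern described above, one client requesting the same path with many
different User-Agent strings in a short time, and records the status each User-Agent received.
The log lines are constructed, and the function name find_ua_rotation, the combined log format
and the thresholds are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed access-log lines in the common "combined" format (not real traffic).
SAMPLE_LOG = """\
198.51.100.7 - - [12/Mar/2025:10:00:01 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (Windows NT 10.0) Chrome/120.0"
198.51.100.7 - - [12/Mar/2025:10:00:02 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (X11; Linux x86_64) Firefox/121.0"
198.51.100.7 - - [12/Mar/2025:10:00:03 +0000] "GET / HTTP/1.1" 403 310 "-" "Googlebot/2.1 (+http://www.google.com/bot.html)"
198.51.100.7 - - [12/Mar/2025:10:00:04 +0000] "GET / HTTP/1.1" 302 0 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_0) Safari/604.1"
198.51.100.7 - - [12/Mar/2025:10:00:05 +0000] "GET / HTTP/1.1" 403 310 "-" "curl/8.5.0"
203.0.113.20 - - [12/Mar/2025:10:00:02 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (Windows NT 10.0) Chrome/120.0"
203.0.113.20 - - [12/Mar/2025:10:00:09 +0000] "GET /about HTTP/1.1" 200 2048 "-" "Mozilla/5.0 (Windows NT 10.0) Chrome/120.0"
192.0.2.50 - - [12/Mar/2025:10:00:10 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (Macintosh) Safari/605.1"
192.0.2.50 - - [12/Mar/2025:10:00:40 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (Windows NT 10.0) Edg/120.0"
"""

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

def find_ua_rotation(log_text, min_agents=4, window=timedelta(seconds=60)):
    """Return {ip: {user_agent: status}} for clients that requested one path with
    at least min_agents distinct User-Agent values inside a single time window."""
    per_target = defaultdict(list)  # (ip, path) -> [(timestamp, user_agent, status)]
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:  # lines that do not parse are skipped, not guessed at
            ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
            per_target[(m["ip"], m["path"])].append((ts, m["ua"], int(m["status"])))
    flagged = {}
    for (ip, _path), events in per_target.items():
        events.sort()
        start = 0
        for end, (ts, _ua, _status) in enumerate(events):
            while ts - events[start][0] > window:  # slide the window forward
                start += 1
            seen = {ua: status for _, ua, status in events[start:end + 1]}
            if len(seen) >= min_agents:
                flagged.setdefault(ip, {}).update(seen)
    return flagged

if __name__ == "__main__":
    for ip, agents in find_ua_rotation(SAMPLE_LOG).items():
        print(ip, "used", len(agents), "User-Agents; statuses:", sorted(set(agents.values())))
```

Differing status codes across the flagged User-Agents show which filter rules the probe was able
to map. Shared NAT addresses legitimately carry several User-Agents, so tune min_agents and window
to your own traffic.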

1. Using Dmitry (Deepmagic Information Gathering Tool)

Features:
• Whois lookup
• Netcraft.com info
• Subdomain search
• Email address search
• TCP port scan
• Banner grabbing
Steps:
1. sudo apt update
2. sudo apt install dmitry
3. dmitry -winsepo example.com
• -w = Perform a whois lookup
• -i = Get IP address
• -n = Perform Netcraft info retrieval
• -s = Subdomain search
• -e = Email address search
• -p = TCP port scan
• -o = Output to file