Questions tagged [information-gathering]
The early stage of an attack during which the attacker tries to collect information about the target.
86
questions
0
votes
0
answers
108
views
Advice on more in depth web app info gathering phase
I am a junior pentester currently working for a secure messaging app that includes a webclient. Only the subdomain is in scope and other subdomains are off-limits. Social engineering is also off ...
- 1
1
vote
0
answers
47
views
How do hackers find the ip address of router or networks they want to hack? [duplicate]
I've heard news of hackers in different countries being able to infiltrate networks in other countries. What I'm wondering is how these hackers find the ip addresses (without the use of phishing) of ...
- 13
17
votes
5
answers
8k
views
Is having the name of web server software in HTTP response header a serious problem?
How serious a security problem is it to have the name of the web server in the HTTP header (Apache, Nginx etc.)?
I am discussing this with a system administrator and he told me that deleting version ...
- 172
0
votes
1
answer
122
views
I gave my first name and alt email to someone I don't know, will that reveal who I am?
So, I wanted to get this game (to try it as it had no demo), so I went to a website, did not click on anything except the link to the Google drive folder, and then stupidly requested access to a ...
user281008
0
votes
1
answer
120
views
How do you protect your online identity from background checks?
This site is the only piece of online presence I have in my own name. I also have two gmail addresses in my own name.
If a background check is to be made on my online activities, would there be a way ...
- 213
0
votes
1
answer
111
views
Determining threat when performing OSINT
I am new to ethical hacking and I often find myself really confused when evaluating and determining the danger level of information that can be found regarding a domain when performing OSINT. I'm not ...
- 197
0
votes
1
answer
124
views
Does the device attributes section of Facebook's data policy entitle it to private files on my device?
I was reading through Facebook's data policy which also encompasses instagram, messenger, etc. It looked like the usual all encompassing breach of privacy I have come to expect from the company but ...
1
vote
1
answer
876
views
How do I find the IP address of a specific device on the local network? [closed]
I would like to learn how to find the private IP address of anyone connected to a network.
This specific network has a firewall. The only info I have on it is that it blocks ICMP requests (I'm pretty ...
- 151
0
votes
1
answer
133
views
How do mobile apps share details with each other to show customized ads
My question is more towards how this is implemented. I mean do they expose apis to each other or store data at a common place to be accessed by others. Please excuse me if it seems too naive.
- 1,345
1
vote
2
answers
604
views
How do attackers determine ROP gadgets remotely?
Being gadgets change per each system and architecture (do they?), how would an attacker be able to determine the offsets of various Return Oriented Programming gadgets, would an attacker first need to ...
- 11
0
votes
1
answer
229
views
Impact of the System Information Leak
Our application stored **e.printstacktrace()** in a log file, which is accessible to a specific user group. We need such detailed information for debugging purposes.
As per the security team, they are ...
- 449
0
votes
1
answer
1k
views
Can my ISP know these things?
I am a novice about digital things (imagine the antonym for "tech savvy").
Can my ISP know my yahoo email address? I have signed in on yahoo more than a million times. Yahoo is https.
Can ...
- 339
3
votes
4
answers
19k
views
If nmap shows all ports are filtered or closed, what would be the next logical step to take to get more information?
If nmap shows all ports are filtered or closed, what would be the next logical step to take?
Does that mean I would need to get physical access to the device? or is there any other ways to get ...
- 39
0
votes
0
answers
239
views
How does the Amass intel module correlate information?
Can someone explain to me how OWASP Amass correlates information regarding the intel module domain search?
As an example, if I run the command:
amass intel -d example.com -whois
I'll get a list of ...
12
votes
2
answers
4k
views
How do hackers search for vulnerabilities on certain ports? [closed]
Hackers usually attack open ports and services, but I want to know how they find security holes in specific ports or services.
- 153