Episode Details

Back to Episodes
Course 35 - Footprinting and Reconnaissance | Episode 2: Gathering Intelligence with NSlookup and WHOIS

Course 35 - Footprinting and Reconnaissance | Episode 2: Gathering Intelligence with NSlookup and WHOIS

Published 4ย days, 7ย hours ago
Description
In this lesson, youโ€™ll learn about: network footprinting using NSlookup and WHOIS1. What is Network Footprinting?
  • The process of gathering technical information about a target domain
  • Focuses on:
    • DNS data
    • IP addresses
    • Domain ownership
๐Ÿ‘‰ Goal:
  • Build a clear profile of the targetโ€™s infrastructure
2. Using NSlookup (DNS Intelligence)๐Ÿ”น Tool Overview
  • NSlookup
  • A command-line tool used to query:
    • DNS (Domain Name System) records
๐Ÿ”น What You Can Discover
  • Domain โ†’ IP address mapping
  • DNS servers
  • Network-related details
๐Ÿ”น Interactive Mode
  • Allows advanced queries like:
    • MX Records (Mail Servers)
      • Identify email infrastructure
๐Ÿ‘‰ Why it matters:
  • Reveals:
    • Email servers
    • Attack surface for phishing or targeting
3. Using WHOIS (Administrative Intelligence)๐Ÿ”น Tool Overview
  • WHOIS
  • Often accessed via:
    • ICANN
๐Ÿ”น What You Can Discover
  • Domain registrar
  • Registration & expiration dates
  • Name servers
  • Contact details:
    • Emails
    • Phone numbers
    • Addresses
4. Key Data ExtractedData TypeSourceValueIP AddressNSlookupNetwork targetingMX RecordsNSlookupEmail infrastructureRegistrar InfoWHOISDomain ownershipContact DetailsWHOISSocial engineeringName ServersBothInfrastructure mapping5. Strategic Importance
  • This data helps build:
    • A complete footprint of the target
๐Ÿ”น Potential Use Cases (High-Level)
  • Identifying:
    • Entry points
    • Services to investigate
  • Supporting:
    • Security assessments
    • Risk analysis
6. Role in Footprinting Phase
  • Part of:
    • Early-stage reconnaissance
๐Ÿ‘‰ It enables you to:
  • Move from:
    • Domain name โ†’ full infrastructure visibility
Key Takeaways
  • NSlookup is used for DNS-level intelligence
  • WHOIS provides administrative and ownership data
  • MX records reveal email systems
  • Public data can expose critical infrastructure details
  • Footprinting is the foundation of any security assessment
Big PictureThis stage is about:๐Ÿ‘‰ Turning public data into actionable intelligence
  • Before any testing begins
  • You must understand:
    • Who owns the system
    • How it is structured
    • What services it exposes
Mental Model
  • NSlookup โ†’ โ€œWhere is the system?โ€
  • WHOIS โ†’ โ€œWho owns the system?โ€


You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy
Listen Now

Love PodBriefly?

If you like Podbriefly.com, please consider donating to support the ongoing development.

Support Us