1
00:00:00,300 --> 00:00:06,140
OK, so the next tool that we're going to use for passive reconnaissance is called Who Is and will I

2
00:00:06,150 --> 00:00:07,680
call it who is enumeration?

3
00:00:07,680 --> 00:00:13,110
Because we are using who is to enumerate information, which is me, which means pretty much is gathering

4
00:00:13,110 --> 00:00:13,770
information.

5
00:00:14,260 --> 00:00:20,340
So this comes with this helpful tool called Who Is and lets you gather all kinds of information about

6
00:00:20,340 --> 00:00:20,880
information.

7
00:00:20,880 --> 00:00:28,050
And that includes things like, you know, who is registries for what their name servers are, information

8
00:00:28,050 --> 00:00:34,380
on, you know, if they have DNS security in place, you can figure out who the owner is, registration

9
00:00:34,380 --> 00:00:35,250
information.

10
00:00:35,430 --> 00:00:37,230
And, you know, just more things.

11
00:00:37,230 --> 00:00:38,700
And it's very useful.

12
00:00:38,820 --> 00:00:40,650
It's definitely something that you want to do.

13
00:00:40,650 --> 00:00:44,850
Like if you're on an external assessment, you just in your information gathering stage.

14
00:00:45,010 --> 00:00:46,100
So let's go check it out.

15
00:00:46,440 --> 00:00:50,470
OK, so when we're in college, Lennix, the first thing that you want to do is open up a terminal and

16
00:00:50,470 --> 00:00:54,110
then just type in who is you can hit, enter and see all the different options.

17
00:00:54,120 --> 00:00:57,990
We're not going to use, you know, a lot of these we're really just going to use it to get a little

18
00:00:57,990 --> 00:00:58,770
bit of information.

19
00:00:58,770 --> 00:01:03,090
But you can go ahead and read over these yourself and, you know, figure out some more of the power

20
00:01:03,090 --> 00:01:06,000
behind this tool because you really gather a lot of information.

21
00:01:06,210 --> 00:01:09,390
But all we're going to be using it for is just to get information about a domain.

22
00:01:09,390 --> 00:01:10,860
So let's say we want to do it.

23
00:01:10,890 --> 00:01:14,610
Who is on, you know, Google dot com?

24
00:01:14,610 --> 00:01:15,890
So let's see what comes up.

25
00:01:15,900 --> 00:01:22,130
So you do that, you type, you just type in who is the domain and then you hit enter.

26
00:01:22,320 --> 00:01:24,800
So let's see what we got about Google dot com.

27
00:01:24,810 --> 00:01:27,890
So we had the domain name domain already.

28
00:01:28,680 --> 00:01:30,150
All kinds of information.

29
00:01:30,690 --> 00:01:39,270
Last time this information was updated, we see the registrar is Mark Monitor and we have an email address

30
00:01:39,270 --> 00:01:40,020
for that.

31
00:01:40,250 --> 00:01:45,090
Let's see, we have their name servers right here, which is pretty common when you see on the Internet.

32
00:01:45,090 --> 00:01:47,610
You'll see this a lot and just a lot more information.

33
00:01:47,610 --> 00:01:53,970
So who is a decent tool just to gather some like just based on information about a domain that you might

34
00:01:53,970 --> 00:01:57,180
be, you know, conducting a penetration test against?

35
00:01:57,180 --> 00:01:58,310
It's very, very useful.

36
00:01:58,320 --> 00:01:59,730
So I really recommend that you use it.