1 00:00:09,840 --> 00:00:17,170 Let us start with information gathering practicals in this spectacle, we are going to gather information 2 00:00:17,290 --> 00:00:23,440 using multiple multiple is an open source intelligence and forensics application. 3 00:00:23,980 --> 00:00:29,770 It gathers information about the target that represents this information in an easily understandable 4 00:00:29,770 --> 00:00:30,190 format. 5 00:00:30,760 --> 00:00:35,930 As an ethical hacker, you should look for as much information possible about the target. 6 00:00:36,550 --> 00:00:41,080 This lab will demonstrate what other information you can extract from the target. 7 00:00:41,110 --> 00:00:49,120 Now we will open the virtual machine and log into the virtual machine that goes to the applications 8 00:00:49,360 --> 00:00:51,880 and type multiple in the search field. 9 00:01:08,000 --> 00:01:15,050 So basically, what is my legal my legal is a footprinting tool, which is used to gather maximum information 10 00:01:15,200 --> 00:01:19,020 for the purpose of collecting forensics and testing it. 11 00:01:19,490 --> 00:01:25,940 It provides a library of transforms for discovery of data from open sources and visualizing that information 12 00:01:26,120 --> 00:01:30,140 into a graphical format suitable for link analysis and data mining. 13 00:01:30,390 --> 00:01:37,700 First, you need to register yourself into the article, then click the community version of mandigo 14 00:01:37,940 --> 00:01:38,870 and click proceed. 15 00:01:45,190 --> 00:01:51,420 Accept all the terms and conditions and click next there you need to give your email address and password 16 00:01:51,690 --> 00:01:55,920 and register yourself by clicking register here on the top. 17 00:02:04,030 --> 00:02:11,590 After clicking register now, a page will open with you to fill your all information and then you will 18 00:02:11,590 --> 00:02:16,860 receive a mail, you just need to click the link you received on the mail and then you're done. 19 00:02:18,970 --> 00:02:23,530 As I've already registered, I will proceed by filling my login details. 20 00:02:30,050 --> 00:02:32,870 Mualla, you have successfully logged into multiple. 21 00:02:36,550 --> 00:02:42,010 It's initializing the street and then a screen will appear in front of you. 22 00:02:49,140 --> 00:02:55,620 Click the new file icon located at the top left corner of the graphical user interface, the toolbar 23 00:02:55,770 --> 00:02:56,970 to start a new graph. 24 00:02:58,640 --> 00:03:05,060 The new Graffman window appears along with the ballot in the Lifan, it contains a list of different 25 00:03:05,060 --> 00:03:11,000 building transforms, expand the infrastructure nor under the entity ballot. 26 00:03:13,870 --> 00:03:21,100 Expand the north and observe a list of entities such as it is business name, domain name and many more. 27 00:03:22,420 --> 00:03:27,670 The scroll down and track the website entity onto the new Graffin section. 28 00:03:34,150 --> 00:03:40,570 The entity appears on the new graph with W. W. W. Petrova dot com. 29 00:03:41,200 --> 00:03:45,670 This is the euro by default, Double-Click by Treva dot com. 30 00:03:45,880 --> 00:03:55,060 Rename the domain name to w w w dot Microsoft dot com for taking Microsoft dot com to gather information. 31 00:04:00,120 --> 00:04:03,480 Right, click the entity and select or transform. 32 00:04:08,470 --> 00:04:15,370 All transforms, this appears now click to server technologies using built with 33 00:04:17,950 --> 00:04:25,030 multiple startling transform server technologies using built with observe the Status in Progress Bar. 34 00:04:28,910 --> 00:04:34,910 Once Malil completes the transforming cellulosic technologies, it displays the technology implemented 35 00:04:34,910 --> 00:04:39,310 on the server that hosts the website as shown on the screen. 36 00:04:42,420 --> 00:04:48,240 After obtaining the building technologies of the server, attackers might search for vulnerabilities 37 00:04:48,450 --> 00:04:55,560 related to any of them and simulate extradition techniques to hack them to start a new transform, select 38 00:04:55,560 --> 00:04:59,610 all the entities pressing control on the keyboard and press delete. 39 00:05:05,710 --> 00:05:11,800 Now, again, right, click the entity and select all transforms to domain DNS. 40 00:05:15,300 --> 00:05:21,540 The domain corresponding to the website is displayed here Romanies Microsoft dot com. 41 00:05:22,170 --> 00:05:29,820 Now right click the entity and select all transforms to DNS name using name schema additional. 42 00:05:46,350 --> 00:05:53,580 This transform will attempt to test various name schemas against Lumin and try to identify a specific 43 00:05:53,580 --> 00:06:00,900 name schema for domain as shown on the screen after identifying the name schema attacker's attempt to 44 00:06:00,900 --> 00:06:06,510 simulate various exploitation techniques to gain sensitive information related to the resultant name 45 00:06:06,510 --> 00:06:06,980 schemas. 46 00:06:07,320 --> 00:06:13,620 For example, an attacker to implement the brute force or dictionary attack and gain confidential information, 47 00:06:14,170 --> 00:06:17,370 isolate all the names, schemas and track and delete them. 48 00:06:26,000 --> 00:06:34,450 Right, click the domain entity and select or transforms to DNS name start of authority that is easily. 49 00:06:40,720 --> 00:06:48,090 This returns the primary name server and the e-mail of the domain administrator by extracting the associated 50 00:06:48,100 --> 00:06:54,310 information, attackers attempt to find vulnerabilities in the services and architectures and therefore 51 00:06:54,490 --> 00:06:55,240 exploit them. 52 00:06:56,200 --> 00:06:58,840 You can see the name server on your screen. 53 00:06:59,320 --> 00:07:01,850 So both the entities and the them. 54 00:07:06,620 --> 00:07:13,100 This is all for this video, next video, we will explore some more utilities of multicore.