Footprinting using WHOIS
Foot printing is passive reconnaissance. In this, hacker tries to get information about target through indirect medium. It involves finding public information about the individual or enterprise through Newsgroup, forums, WHOIS information, DNS information, etc.
WHOIS:
WHOIS can be described as a tool that gives the valuable information about domain name or IP address of the web site or web application. There are many WHOIS databases like ARIN (American Registry for Internet Numbers) that collects the information about websites.
These databases can be accessed by anybody. They are open to all. And can provide vital information that includes contact name, physical address, IP address, DNS address, etc. thus hackers can use WHOIS information for the reconnaissance i.e. for gathering information about target.
Deliverable:
--> In Web browser url "https://who.is"
In search box of search domain name and IP address, type the domain name or IP address of the web site whose information needs to be found out.
OR
In Kali Linux Terminal
~# whois {domain name}
We will get Domain name, IP address, Registrant, Contact information like Administrative as well as Technical Contact name, Address, Phone number and Email address. Also we will get Content data, Traffic data, Name servers on which the web site is hosted, plus the old as well as new registrant information. We can also get DNS records like SOA records.