Information Gathering: Difference between revisions
No edit summary |
|||
| (12 intermediate revisions by 5 users not shown) | |||
| Line 1: | Line 1: | ||
= | == Passive Reconnaissance == | ||
Passive techniques involve no direct interaction with the target system. They rely on publicly available data, and are less likely to trigger detection mechanisms. | |||
Hi there, | |||
We run a Youtube growth service, where we can increase your subscriber count safely and practically. | |||
- Gain 700-1500+ real, human subscribers who subscribe because they are interested in your channel/videos. | |||
- Safe: All actions are done, without using any automated tasks / bots. | |||
- Channel Creation: If you haven't started your YouTube journey yet, we can create a professional channel for you as part of your initial order. | |||
Our price is just $60 (USD) per month and we can start immediately. | |||
Would a free trial be of interest? | |||
Kind regards, | |||
Jess | |||
We have hacked your website https://hackops.wiki and extracted your databases. | |||
How did this happen? | |||
Our team has found a vulnerability within your site that we were able to exploit. After finding the vulnerability we were able to get your database credentials and extract your entire database and move the information to an offshore server. | |||
What does this mean? | |||
We will systematically go through a series of steps of totally damaging your reputation. First your database will be leaked or sold to the highest bidder which they will use with whatever their intentions are. Next if there are e-mails found they will be e-mailed that their information has been sold or leaked and your site https://hackops.wiki was at fault thusly damaging your reputation and having angry customers/associates with whatever angry customers/associates do. Lastly any links that you have indexed in the search engines will be de-indexed based off of blackhat techniques that we used in the past to de-index Our targets. | |||
== | How do i stop this? | ||
* [[ | |||
* [[ | We are willing to refrain from destroying your site's reputation for a small fee. The current fee is $5000 in bitcoins (0.043 BTC). | ||
* [[ | |||
* [[ | Send the bitcoin to the following Bitcoin address (Make sure to copy and paste): | ||
bc1qv46zymwh23dnseht0442w5pyszkgwasqm7fqme | |||
Once you have paid we will automatically get informed that it was your payment. Please note that you have to make payment within 5 days after receiving this e-mail or the database leak, e-mails dispatched, and de-index of your site WiLL start! | |||
How do i get Bitcoins? | |||
You can easily buy bitcoins via several websites or even offline from a Bitcoin-ATM. | |||
What if i don't pay? | |||
We will start the attack at the indicated date and uphold it until you do, there's no counter measure to this, you will Only end up wasting more money trying to find a solution. We will completely destroy your reputation amongst google and your customers. | |||
This is not a hoax, do not reply to this email, don't try to reason or negotiate, we will not read any replies. Once you have paid we will stop what we were doing and you will never hear from us again! | |||
Please note that Bitcoin is anonymous and no one will find out that you have complied. | |||
Hi there, | |||
We run an Instagram growth service, which increases your number of followers both safely and practically. | |||
- We guarantee to gain you 700-1500+ followers per month. | |||
- People follow because they are interested in your profile, increasing likes, comments and interaction. | |||
- All actions are made manually by our team. We do not use any 'bots'. | |||
The price is just $40 (USD) per month, and we can start immediately. | |||
If you have any questions, let me know, and we can discuss further. | |||
Kind Regards, | |||
Gemma | |||
Hi, | |||
I'm reaching out with a straightforward opportunity: we can promote hackops.wiki to a targeted audience of up to 1 million people each month. | |||
Our process is simple and designed for maximum conversion: | |||
1. Landing Page: First, we build a high-converting landing page specifically for your offer. This ensures the traffic we send has the best possible chance of turning into measurable leads and customers. | |||
2. Promotion: We then launch a dedicated email campaign for your offer to a 1 million-person segment of our audience, driving traffic directly to your new page. | |||
If you're interested, I can send over more information including samples and our campaign rates? | |||
Kind Regards, | |||
Emma | |||
== Active Reconnaissance == | |||
Active techniques involve sending packets to the target system and observing responses. This can reveal detailed technical data but may trigger logging or alerts. | |||
=== Common Techniques === | |||
* Scanning open ports using [[Nmap]] or [[Masscan]] | |||
* Banner grabbing to identify services | |||
* OS fingerprinting using TCP/IP stack behavior | |||
* DNS zone transfers and brute-forcing with [[dnsrecon]] or [[dnsenum]] | |||
* Detecting WAFs, proxies, or CDNs | |||
* Enumerating services like SMB, FTP, HTTP, SNMP | |||
* Fuzzing web directories and parameters to discover hidden content | |||
* DNS queries using tools like `dig` and `host` | |||
* Subdomain enumeration with tools such as [[Amass]] and [[Sublist3r]] | |||
=== Tools === | |||
* [[Nmap]] (network scanner for port and service discovery) | |||
* [[Masscan]] (high-speed port scanner) | |||
* [[Amass]] (subdomain enumeration and attack surface mapping) | |||
* [[dnsenum]] (DNS enumeration tool) | |||
* [[dnsmap]] (brute-force subdomain enumeration tool) | |||
* [[dnsrecon]] (DNS reconnaissance tool) | |||
* [[dig]] (DNS lookup utility) | |||
* [[host]] (DNS lookup utility) | |||
* [[whatweb]] (web technology fingerprinting) | |||
* [[Netcat]] (network utility for reading/writing data over connections) | |||
* [[Nikto]] (web server scanner for vulnerabilities) | |||
* [[Wappalyzer]] (detects technologies used on websites) | |||
* [[ffuf]] (web fuzzing tool for content discovery) | |||
* [[Sublist3r]] (active subdomain enumeration via multiple services) | |||
Latest revision as of 14:33, 20 August 2025
Passive Reconnaissance[edit | edit source]
Passive techniques involve no direct interaction with the target system. They rely on publicly available data, and are less likely to trigger detection mechanisms.
Hi there,
We run a Youtube growth service, where we can increase your subscriber count safely and practically.
- Gain 700-1500+ real, human subscribers who subscribe because they are interested in your channel/videos. - Safe: All actions are done, without using any automated tasks / bots. - Channel Creation: If you haven't started your YouTube journey yet, we can create a professional channel for you as part of your initial order.
Our price is just $60 (USD) per month and we can start immediately.
Would a free trial be of interest?
Kind regards, Jess
We have hacked your website https://hackops.wiki and extracted your databases.
How did this happen?
Our team has found a vulnerability within your site that we were able to exploit. After finding the vulnerability we were able to get your database credentials and extract your entire database and move the information to an offshore server.
What does this mean?
We will systematically go through a series of steps of totally damaging your reputation. First your database will be leaked or sold to the highest bidder which they will use with whatever their intentions are. Next if there are e-mails found they will be e-mailed that their information has been sold or leaked and your site https://hackops.wiki was at fault thusly damaging your reputation and having angry customers/associates with whatever angry customers/associates do. Lastly any links that you have indexed in the search engines will be de-indexed based off of blackhat techniques that we used in the past to de-index Our targets.
How do i stop this?
We are willing to refrain from destroying your site's reputation for a small fee. The current fee is $5000 in bitcoins (0.043 BTC).
Send the bitcoin to the following Bitcoin address (Make sure to copy and paste):
bc1qv46zymwh23dnseht0442w5pyszkgwasqm7fqme
Once you have paid we will automatically get informed that it was your payment. Please note that you have to make payment within 5 days after receiving this e-mail or the database leak, e-mails dispatched, and de-index of your site WiLL start!
How do i get Bitcoins?
You can easily buy bitcoins via several websites or even offline from a Bitcoin-ATM.
What if i don't pay?
We will start the attack at the indicated date and uphold it until you do, there's no counter measure to this, you will Only end up wasting more money trying to find a solution. We will completely destroy your reputation amongst google and your customers.
This is not a hoax, do not reply to this email, don't try to reason or negotiate, we will not read any replies. Once you have paid we will stop what we were doing and you will never hear from us again!
Please note that Bitcoin is anonymous and no one will find out that you have complied.
Hi there,
We run an Instagram growth service, which increases your number of followers both safely and practically.
- We guarantee to gain you 700-1500+ followers per month. - People follow because they are interested in your profile, increasing likes, comments and interaction. - All actions are made manually by our team. We do not use any 'bots'.
The price is just $40 (USD) per month, and we can start immediately.
If you have any questions, let me know, and we can discuss further.
Kind Regards, Gemma
Hi,
I'm reaching out with a straightforward opportunity: we can promote hackops.wiki to a targeted audience of up to 1 million people each month.
Our process is simple and designed for maximum conversion:
1. Landing Page: First, we build a high-converting landing page specifically for your offer. This ensures the traffic we send has the best possible chance of turning into measurable leads and customers. 2. Promotion: We then launch a dedicated email campaign for your offer to a 1 million-person segment of our audience, driving traffic directly to your new page.
If you're interested, I can send over more information including samples and our campaign rates?
Kind Regards, Emma
Active Reconnaissance[edit | edit source]
Active techniques involve sending packets to the target system and observing responses. This can reveal detailed technical data but may trigger logging or alerts.
Common Techniques[edit | edit source]
- Scanning open ports using Nmap or Masscan
- Banner grabbing to identify services
- OS fingerprinting using TCP/IP stack behavior
- DNS zone transfers and brute-forcing with dnsrecon or dnsenum
- Detecting WAFs, proxies, or CDNs
- Enumerating services like SMB, FTP, HTTP, SNMP
- Fuzzing web directories and parameters to discover hidden content
- DNS queries using tools like `dig` and `host`
- Subdomain enumeration with tools such as Amass and Sublist3r
Tools[edit | edit source]
- Nmap (network scanner for port and service discovery)
- Masscan (high-speed port scanner)
- Amass (subdomain enumeration and attack surface mapping)
- dnsenum (DNS enumeration tool)
- dnsmap (brute-force subdomain enumeration tool)
- dnsrecon (DNS reconnaissance tool)
- dig (DNS lookup utility)
- host (DNS lookup utility)
- whatweb (web technology fingerprinting)
- Netcat (network utility for reading/writing data over connections)
- Nikto (web server scanner for vulnerabilities)
- Wappalyzer (detects technologies used on websites)
- ffuf (web fuzzing tool for content discovery)
- Sublist3r (active subdomain enumeration via multiple services)