Nov. 30, 2020, 9:03 a.m.
For a Penetration Tester or Threat Analyst, if you want to really get into any website you must know the in and outs of the website. People often says or use tools they do not funny understand or are called script-kiddies period. Now Say we have a Website to Test or Analyse, the basic step is to get Its Name Servers, Domain Information, DNS Records, MX-Records and so on,
But finding that could be a bit tricky sometimes, WebAnalyzer helps you accumulate that knowledge on one place so you do not have to rush to multiple tools for multiple needs . You just have to provide the target url and bamn with in Fractions of Seconds you would have results in your hand to further continue your target.
NameServers are like a bridge between urls and website. Without NameServers one has to memorize IP addresses in order to access websites. So the next question is How They Are Different from DNS-Records. A DNS Server is a server with public ip addresses and their associated hostnames. Say, if a DNS Records is a contact-number in a phone-contact, the nameserver is the complete phonebook, having stored DNS Records to be looked up. Updating the nameservers will update each DNS Record associated with it. Lets check Sample NameServers:
When you enter esferasoft.com, you will get the following nameservers.
MX Records are their to configure emails to the domain name.It is basically an enitity which specifies an email server to handle domain's email. One Can configure server MX Records for their domains. MX records can alter admin from a phishing attack in advance, once analyzed by incoming emails for a malware.
Executing coordinated MX-record checking, and proactively obstructing incoming emails from unauthorized domains, will radically diminish your organization's danger of any parallel phishing or BEC(Business e-mail compromise) assaults
It is recommended to use lowest number records for your domain.
Typical MX Records for the domain would be:
Usually internet works through data-transmission through specific number of protocols. And each protocol is assigned
a unique/specific Port Number.
Why Some Ports are Always Open?
Good Question! There are thousands of Port Numbers for the different protocols. There are reasons those ports are open: the target system has some service listening for input, ready to process it. And some are kept open for certain protocols. Lets take an example, A thief wanting to steal from your home. He possibly looking for a way to sneak in. But the doors are locked securly. So he will target windows(other open public ports) to get in and steal your stuff.
So one should not keep unwanted ports kept open for any server loophole or bypassing. Unless a service is running on that port and its secured one way communication. The Table Below shows default Use Ports
|Port 20||FTP (file transfer protocol)|
|Port 22||SSH and SFTP|
|Port 25||SMTP (outgoing email)|
|Port 465||SMTP over SSL|
|Port 143||IMAP (incoming email)|
IMAP over SSL Like12:59 pm