Chapter – 8 | Information Gathering | (Concept + Tools)

You may develop the most devastating malware, but it makes no sense to just keep it with you. Understanding the concept of information gathering then becomes important. So we will focus on what’s important.

Let’s begin.

What is Information Gathering?

Information gathering is the act of collecting different kinds of information about the targeted victim or system. Both penetration testers and hackers (white hat and black hat) have to go through this first stage of ethical hacking.

This step is important because we may need information such as pet name, best friend’s name, age, phone number, birthdate, etc. to perform password-guessing attacks and other kinds of attacks.

You can check out some cool public sources, such as Whois and nslookup, that can help you in the process of gathering information.

The greater the information gathered, the greater the chances of obtaining relevant results.

Malware is meant to attack; that is why it is created. In this post we will learn how to identify the target to attack, among many other things, so stay tuned.

Fixing on a target : –

Choose carefully.

Before we launch an attack on a system, it is important to fix on a target.

A target can be an individual or a complete organization.

Once this step is clear, we can move to the stage called reconnaissance.

Reconnaissance is a military term; it means obtaining information about an enemy’s territory using visual information.

So like a military officer, our task will be to first obtain information about our target.

Information Gathering Methods

Information can be gathered using a framework of methods, which can be further classified into different categories. The method you choose has to be suitable and appropriate for the situation.

We can gather information using :

1. Passive Methods

2. Active Methods

Let’s understand how….

1. Passive Methods : –

Passive methods include anything that doesn’t involve direct interaction with your target.

In this way we gather information from social channels, research papers etc.

It’s more like an open source approach.

2. Active Methods : –

Active methods include anything that involves direct interaction with your target.

It could be like talking to the individual to extract information.

A hacker can take either of these two approaches.

Identity at risk

An IP address can be traced, by you or back to you, in the process of direct interaction with your target via social channels or digital platforms. Information gathering leaves one vulnerable, as one’s identity can be easily tracked.

An IP address is the address from where a message originates on a network.

Using this address, any system is identified on a network.

Since both methods of information gathering require the attacker to be connected to a network, the attacker’s IP address gets exposed.

To prevent this problem hackers are required to mask their identity.

Question Alert!

What is Masking Identity?

Every system has its own unique IP address for connecting to networks. These IP addresses can be traced to find out the location of the system and much more information. Masking identity means utilizing methods and resources to hide or camouflage your identity while programming and executing an attack.

How do Hackers hide their identity while Hacking?

That’s a good question, let us tell you how they hide it.

A proxy is one way of masking the identity.

Again with the questions, right?

What is Proxy?

A proxy will reroute your connection through a third-party server, so the website you access will not be able to read data specific to you. The proxy will hide all of your information from the resources you access. Any server on the other end will only get the information that you provide.

Proxy servers are used as an intermediary between an attacker and the target.

An attacker accesses the target’s information with these proxies.

On the target system, the attack appears to have originated from the location of the proxy server.

There are plenty of free and paid proxies available, though it is recommended that you use paid proxies while carrying out a serious attack, because a free proxy can have a sheer number of individuals using it at any given time, so a stable connection is not promised.

Some popular proxies :









A VPN (virtual private network) basically extends a private network over the public internet, which in turn scrambles the data passing between you and a web server, leaving it useless for anyone trying to access it. While it doesn’t prevent someone from attacking your machine directly, it does a pretty good job of hiding your identity.

Some free VPN sites :


Hotspot Shield



TurboVPN (app)

TOR Browser

The TOR network will bounce your connection across multiple points to provide even higher anonymity to its users. The network contains multiple tunnels across the globe that are used to bounce the user’s signal. The network is accessed from the Tor browser, and websites on the network have a specific address that you need to know to be able to access them. While it does provide anonymity, one should also note the threats from using the network.

Virtual Machines

Virtual machines and a virtual network are the best and safest way to set up a hacking procedure. There are several virtualization systems out there, including Citrix, Oracle’s VirtualBox, KVM, Microsoft’s Virtual PC and Hyper-V, and VMware’s Workstation, VMware Player and ESXi.

Your browser isn’t the only vector for third parties to invade one’s privacy. PDFs and other seemingly harmless files can serve as homing beacons, and potentially alert government entities when you’re viewing planted contraband. To prevent any sort of unintended breach of privacy, hackers open suspect files inside a virtual machine.

Tunneling –

The process of creating a connection between the attacker’s system and the proxy server is called tunneling.

Tunneling helps in creating a private channel over a public network like the Internet. There are many tunneling protocols, such as SSH, HTTP, etc.

We will learn about them later in our blog.

Profiling –

Now it is time to collect information. An important way to do this is by profiling the target.

By this method you can understand a thing or two about your target.

The best way to go about this is extracting information from their social profiles. It can give you vital information like e-mail ID, date of birth, address, etc.

This way a personalized attack can be performed using the above information.
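
Seen from the defending side, the details a profile exposes (names, pet name, e-mail ID, phone number, date of birth) are what a password-acceptance check should screen for, since they feed the password guessing mentioned earlier. The following is an added example, not part of the original post: a Python check that reports which of a user's own profile fields appear inside a proposed password, including look-alike spellings and common date layouts. The function names, field names and sample profile are assumptions made up for illustration.

```python
import re
from datetime import date

# Undo common look-alike substitutions before comparing (assumed, not exhaustive).
LEET = str.maketrans("0134578@$!", "oieastbasi")
DATE_FORMATS = ("%Y", "%d%m%Y", "%m%d%Y", "%d%m%y", "%m%d%y", "%Y%m%d")

def normalize(text):
    """Lower-case, map look-alikes to letters, drop everything but a-z0-9."""
    return re.sub(r"[^a-z0-9]", "", text.lower().translate(LEET))

def profile_tokens(profile):
    """Map each normalized token to the profile field it was derived from."""
    tokens = {}
    for field, value in profile.items():
        if isinstance(value, date):
            parts = [value.strftime(fmt) for fmt in DATE_FORMATS]
        elif field == "phone":
            digits = re.sub(r"\D", "", value)
            parts = [digits, digits[-4:]]
        else:
            # Names split on spaces; for an e-mail only the local part is used.
            parts = re.split(r"[\s._-]+", value.split("@")[0])
        for part in parts:
            token = normalize(part)
            if len(token) >= 3:  # shorter tokens match too much by accident
                tokens.setdefault(token, field)
    return tokens

def personal_fields_in(password, profile):
    """Return the profile fields whose data appears inside the password."""
    candidate = normalize(password)
    hits = {f for tok, f in profile_tokens(profile).items() if tok in candidate}
    return sorted(hits)

# Constructed sample profile: the kind of data a public social profile exposes.
SAMPLE_PROFILE = {
    "name": "Asha Verma",
    "pet": "Bruno",
    "email": "asha.verma@example.com",
    "phone": "+1 555 0100 234",
    "birthdate": date(1990, 4, 17),
}

if __name__ == "__main__":
    for pw in ("Brun0!1990", "V3rm@_17-04-90", "correct-horse-battery"):
        print(pw, "->", personal_fields_in(pw, SAMPLE_PROFILE) or "ok")
```

A non-empty result is a reason to refuse the password at registration or change time; the check names the field rather than echoing the matched value.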

We have elaborated a lot in this post; feel free to recap, come back, check out the links and continue to read our blogs.

Let us recap what we have learned here –

  • Deciding on a target
  • Identifying what method to use
  • Masking your identity
  • Profiling

Thank you for reading our blog post, please give your feedback to us ^^


About the author

Sandeep Sarkar

Namaskaram, I am a student learning and sharing my knowledge and experience about the things that I learned from society, textbooks, and my own experiences. If my words can make someone's life better, then that's all I was here for. Thank You
