LIVE NEWSROOM · --:-- · May 15, 2026
A LIBRARY FOR SECURITY RESEARCHERS
Information Gathering #ethical hacking #footprinting #footprinting through web service

Footprinting Through Web Service Tools

TE Team Ciphers Security · May 7, 2023 · 4 min read · 4.2k reads
Post on X LinkedIn
Footprinting Through Web Service Tools

Hello reader, this article is dedicated to discussing how you can extract information about your target organization by footprinting through web services tools.

Web services tools include social networking sites, people search services, alerting services, financial services, and job sites, that can provide information about the target organization.

The collected information may include infrastructure details, physical location, employees detail, network details, security infrastructure, and other critical information about the target organization.

Tools and Web services we are going to use and discuss:-

  1. Netcraft:
    • For getting information about target organization domains and subdomains
  2. PeekYou
    • For getting personal information about target people of an organization or individual
  3. theHarvester
    • This tool is useful for getting multiple information about the target, but we will see how to email address of the target
  4. Censys
    • For getting information about the target network system like OS, IP, and Security Protocols.
  5. Deep and Dark web By Tor Browser
    • For getting any critical information about the target organization that is not available on the surface web or not indexed one

// 01 Footprinting Through Netcraft

Netcraft is a web service tool that can provide us with information that includes domains and subdomains of any organization.

It is loaded with much information about your target that can be very useful for the footprinting and understanding of your target infrastructure.

For using the Netcraft web service tool you need to navigate to its website :Netcraft:

Then navigate to the Resources -> Tools -> Site Report [as shown in the image below]

netcraft web service tool

The Netcraft tools will have appeared as shown in the image below

netcraft tool

Now you can give your target organization domain for getting information about it. I am using Microsoft.com as my target organization for example.

Information from netcraft

Now you will get all the possible information about your target organization’s network infrastructure that can be very useful for understanding target network security and vulnerabilities.

// 02 Footprinting through PeekYou

Peekyou is a web service tool that allows you to find people in any state by searching their names or social media usernames.

This can help you to gather information about your target organization’s employees, admins, or the owner itself.

This web service can include information like names, contact details, address detail, date of birth, photographs, videos, family and friend details, professional details, social networking profiles, property information, and optional background on criminal checks.

You can navigate to the Peekyou website from this link [PeekYou]

peekyou

the website looks like the above image. now you need to enter the first and last name of your target person and then search for them.

I am choosing Mark Zuckerberg as my target person only for the explanation.

peekyou search

here you’ll see all the personal and professional details about the target person. This information is helpful in understanding our target person’s personal life and professional life which leads to a successful social engineering attack.

// 03 Footprinting through theHarvester

theHarvester is the OSINT tool for the footprinting stage to help determine a domain’s external threat landscape. It will help to get information like names, emails, IPs, domains, subdomains, and URLs by using multiple public resources.

We will use a harvester tool for gathering email information about our target organization. Because emails are like the personal identification of any employee or organization.

So, gathering email information of critical personnel is one of the key tasks of the footprinting stage.

You can check our article on theHarvester tool for installation and use information

Check for theHarvester tool in your terminal by the command: theHarvester

theHarvester tool

now for gathering email information about your target organization. you need this command type theHarvester -d amazon.com -l 100 -b duckduckgo and press enter

Note: here -d specifies the domain or company name to search, -l specifies the number of results to be retrieved, and -b specifies the data source.

theHarvester tool result

here I choose amazon.com as my target and I got these emails information from the tool. This will help me in finding a person’s personal detail and a way to successful social engineering attacks.

// 04 Footprinting with Censys web service

Censys is a web service tool that is used for getting crucial information about the target operating system, and it will help you with much other information gathering.

Censys can gather information that includes the operating systems, IP address, city, country, latitude/longitude, and hostname of the target organization.

Here I am choosing microsoft.com as my target and I will try to gather information about their operating system and location city.

You can navigate to the Censys search engine from here.

censys

The above image shows the information I got from censys tool that includes IP addresses, Protocol, location, and OS details.

Related coverage on Ciphers Security

    TE
    Team Ciphers Security

    The Ciphers Security editorial team — practitioners covering daily threat intel, CVE deep-dives, and hands-on cybersecurity research. About us →

    Previous Footprinting Through Search Engines Next How to install Photon Script in Linux

    Latest News

    YARA-X 1.16.0: Faster Scans, Panic Fixes, and Neovim LSP Support YARA-X 1.16.0 ships with performance improvements across 10 PRs, constant folding for bitwise ops, configurable mat… Instructure Removed from ShinyHunters' Leak Site as Canvas Breach Deadline Passes Instructure was quietly removed from ShinyHunters' extortion site after the May 12, 2026 deadline — no data dump, n… Costa Rica Joins Have I Been Pwned as the 42nd Government Costa Rica's CSIRT gains free access to Have I Been Pwned's government domain monitoring service, becoming the 42nd… LummaC2 Infostealer Targets US Critical Infrastructure: CISA-FBI Advisory AA25-141B and DOJ Domain Seizures CISA and FBI advisory AA25-141B details LummaC2 MaaS infostealer TTPs targeting critical infrastructure. DOJ seized… MacSync Stealer: Hackers Abuse Google Ads and Claude.ai Chats to Push Mac Malware Russian-speaking attackers combine Google Ads and Claude.ai shared chats in a ClickFix campaign deploying MacSync S… JDownloader Site Hacked, Installers Swapped with Python RAT Malware JDownloader's website was hacked May 6–7, 2026, replacing Windows and Linux installers with a Python-based RAT. Use… Operation HookedWing: 4-Year Phishing Campaign Hits 500+ Organizations Across Aviation, Energy, and Logistics Operation HookedWing has stolen credentials from 500+ organizations in aviation, energy, logistics, and critical in… Twelve Critical vm2 Node.js Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution A dozen CVEs in the vm2 Node.js sandbox library — including CVSS 10.0 flaws — allow sandbox escape and RCE. Update …
    Scroll to Top