Footprinting is a tactic ethical “white hat” hackers use to identify security gaps in a system, network, or infrastructure. It entails the collecting necessary details about a target to decide the best method to use to infiltrate their defenses.
The attackers collect and log every available information such as the details about the individual, the organization, the network, the other users, etc.
Active footprinting
Active footprinting entails using multiple tools to directly target the company’s systems to acquire sensitive data on their mode of operation and any likely security gaps that can be exploited. It is harder for the attacker to pull off, and the target’s security protocols can easily detect it because it’s easy for the organization’s security software to detect.
Passive footprinting
Passive footprinting, however, is a much slower method and engages more social engineering know-how — and a lot of luck. Here, the attacker performs mundane activities like a random Google search, or they can go on social media to gather private information, among other things.
Hackers can even use details about work interactions, job openings, and other job-related data to execute passive footprinting.