Whois: is a response protocol for database to store registered users to Internet resources such as domain names and IP addresses.

Nslookup: is a network administration command line tool for operating systems of many computers to query DNS for IP address and domain names for specific DNS record.

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!

order now

Host tool: This tool is usually used for converting IP address of an organization to name and vice-versa.

Recon tool: Recon-ng is a complete web reconnaissance framework with independent modules, database and command completion.
It is quick tool for checking vulnerability and helps in gathering data via Metasploit.

Output of Recon-ng tool showing brute-host names, ip address, region, country, latitude, longitude and module.

Output shows the resolve hosts:

Output shows the reverse host names, addresses, region, country, latitude, longitude and module.

Output of geo locations using latitude, longitude, street address and module.

Output of reverse geo locations.

Output of reverse geo location- contacts

Output of creating workspace and saving files to a folder of an organization.

NMAP: is security scanner to discover hosts and services on a network to keep track of services going on a network of an organization.


Maltego: online investigation data mining tool to graph analysis.


1) A random traffic from your computer (while running in promiscuous mode) select an unencrypted transaction and provide the following information.

2) Find another transaction that one of the parties activated a reset command for it.

3) Disable the promiscuous mode and capture the traffic again.

4) Capture your MAC Address and show a print screen in your mac address as displayed by your computer and Wireshark.
MAC address is a unique 3-byte code generated by unique code called OUI(Organizational Unique Identifier) which is assigned by a network adapter.

5) Capture an ARP transaction in Wireshark.

Windows command to display ARP table, capture the screenshot and explain what is listed in it.

6. Run tcpdump command on your Kali Linux VM.

Capturing traffic to a specific port 21.

Capture traffic from a portrange of your choice.

Capture traffic only from a specific IP address

Capture traffic only from a specific interface