Whois Enumeration

Whois is a TCP service, tool, and type of database that can provide information about a domain name, such as the name server and registrar. This information is often public, since registrars charge

Whois Lookup

whois {domain.com} -h {ip}

We can gather basic information about a domain name by executing a standard forward search and passing the domain name, domain.com, into whois, providing the IP address of our WHOIS server as an argument of the host (-h) parameter.

Whois Reverse Lookup

Assuming we have an IP address, we can also use the whois client to perform a reverse lookup and gather more information.

whois {AttackerIP} -h {ServerIP}

PreviousFast Track NextOSINT

Last updated 1 year ago