WHOIS (RFC 3912) protocol is a query and response protocol. The Whois tool is used to establish this protocol and intelligently choose the appropriate whois server and query its database. The information gathered from this database is information such as contact details for domains, IP Addresses and Admin assignments.
How to use Whois
The command format to use whois is
This simple command gives a lot of information about the domain such as:
- Creation Date
- Updated Date
- Registrant (details)
- Name Server
- Admin (details)
These are useful information that can help you get a better picture of your target.
We can also see that whois gathers this information instantly.
Whois is a very simple tool but it gathers a lot of information in a short amount of time. Thus, it is a tool you will want to add to your toolkit in for information gathering for your penetration test.
Kali Linux page for Whois: https://www.kali.org/tools/whois/
Source Repository for Whois: https://github.com/rfc1036/whois