Back to course

Tool: Whois and Domain Information Gathering

Cyber Security Mastery: From Zero to Hero

The Whois Protocol

When a domain name is registered, information about the registrant (owner), administrative contacts, and technical contacts is stored in a publicly accessible database via the Whois protocol.

Information Revealed by Whois

  • Registrant Name and Contact Information (if not redacted).
  • Domain Creation and Expiration Dates.
  • Nameservers (e.g., ns1.targetdomain.com).
  • Registrar (the company that registered the domain).

Using the whois Tool in Kali

The whois utility is natively available in Kali Linux.

bash

Example usage

whois google.com

Hacker Use Case: Identifying potential contacts for social engineering, determining the hosting provider, or finding domain names that might belong to the same parent company (co-hosted infrastructure).