# Introduction - WHOIS is a widely used query and response protocol designed to access DBs that store information about registered internet resources - primarily domain names but also includes into re: IP address blocks and autonomous systems (ASs) - Essentially a phonebook for internet and online assets ```bash sudo apt update sudo apt install -y whois whois inlanefreight.com ``` - Each WHOIS record typically includes: - Domain Name - Registrar - Registrant contact - Administrative contyact - Technical contact - Creation and expiration date - Name servers - WHOIS data serves as a treasure trove of information for penetration testers during the reconnaissance phase of an assessment, including valuable insights into the target org's digital footprint and potential vulns such as - Identifying key personnel - Discovering network infrastructure - Historical data analysis