Target Discovery

In hacking, determining the operating system of a target is important. If someone wants to send a virus or something similar to your system through an .exe file, knowing the operating system matters. Executable files for Windows, Linux, macOS and other systems are different, and an .exe from Windows might not run on a Mac. So if you are targeting someone, the operating system of your target’s device is a very important thing to find out.

There are tools that can determine the operating system, for example nmap. The best-known feature of nmap is its operating system detection. It sends TCP/UDP packets to the host, gathers and examines the responses, and then compares them to its database to find the matching operating system. The IPID values sent by operating systems vary.

There are also other operating system fingerprinting tools such as:
– P0f
– Siphon
– Ring
– Banner Grabbing
– Xprobe2

There are several fingerprinting methodologies:
– FIN probe
– TCP ISN Sampling
– IPID Sampling
– TCP initial window
– ACK value
– Fragmentation Handling
– TCP option (1 to 4)
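
Seen from the defended host, several of these probes (the FIN probe in particular) show up as TCP flag combinations that normal connections never produce. The following is an added example, not code from the original post: it flags sources that send several different odd flag combinations in a short time. The log format, function names and thresholds are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample records (not from the page): "time src dst dport flags".
# Flags are comma-separated names; "-" means no flags set.
SAMPLE_LOG = """\
10.00 203.0.113.7 192.0.2.10 443 SYN
10.01 203.0.113.7 192.0.2.10 443 -
10.02 203.0.113.7 192.0.2.10 443 SYN,FIN,PSH,URG
10.03 203.0.113.7 192.0.2.10 1 FIN,PSH,URG
10.05 198.51.100.4 192.0.2.10 443 SYN
10.06 198.51.100.4 192.0.2.10 443 ACK
10.90 198.51.100.4 192.0.2.10 443 FIN,ACK
11.20 198.51.100.9 192.0.2.10 22 FIN
"""

def anomaly(flags):
    """Name the anomaly for a flag set, or None if it is plausible traffic."""
    if not flags:
        return "null"            # no flags at all
    if {"SYN", "FIN"} <= flags:
        return "syn-fin"         # open and close in one segment
    if "FIN" in flags and "ACK" not in flags:
        return "fin-no-ack"      # FIN probe: a real close always carries ACK
    return None

def parse(line):
    ts, src, dst, dport, raw = line.split()
    flags = frozenset() if raw == "-" else frozenset(raw.split(","))
    return float(ts), src, dst, int(dport), flags

def find_fingerprinters(log, min_kinds=2, window=5.0):
    """Return {src: sorted anomaly kinds} for sources that sent at least
    min_kinds different odd probes within `window` seconds (assumed values)."""
    seen = defaultdict(list)                     # src -> [(ts, kind)]
    for line in log.strip().splitlines():
        ts, src, _dst, _dport, flags = parse(line)
        kind = anomaly(flags)
        if kind:
            seen[src].append((ts, kind))
    alerts = {}
    for src, events in seen.items():
        events.sort()
        for start, _ in events:                  # slide the window over events
            kinds = {k for t, k in events if start <= t <= start + window}
            if len(kinds) >= min_kinds:
                alerts[src] = sorted(kinds)
                break
    return alerts
```

Requiring more than one kind of anomaly keeps a single stray FIN (the last sample line) from raising an alert, while a source that cycles through several probe types is reported.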

In addition, finding their DNS records is important too. There are online tools for this, for example dnstrail.com or censys.io.
If you want to hack into a domain, finding its old records through these websites can be useful. Old records can be important: an old admin page or abandoned records that were left behind can leave scripts or pages that might not be secure enough, so you can brute force the domain. If you don’t find any of these things, you might still be able to find some sensitive information regarding the domain.
