1. Используя Google дорки:
2. Используя httpx (https://github.com/projectdiscovery/httpx) и список слов (https://github.com/emadshanab/admin-login/blob/main/admin-login.txt):
3. Используя утилиты:
4. Используя поисковые системы:
Shodan (https://www.shodan.io/):
Fofa (https://fofa.so/):
ZoomEye (https://www.zoomeye.org/):
Censys (IPv4 (https://censys.io/ipv4)):
Code:
site:target.com inurl:admin | administrator | adm | login | l0gin | wp-login
intitle:"login" "admin" site:target.com
intitle:"index of /admin" site:target.com
inurl:admin intitle:admin intext:admin
2. Используя httpx (https://github.com/projectdiscovery/httpx) и список слов (https://github.com/emadshanab/admin-login/blob/main/admin-login.txt):
Code:
httpx -l hosts.txt -paths /root/admin-login.txt -threads 100 -random-agent -x GET,POST -tech-detect -status-code -follow-redirects -title -content-length
httpx -l hosts.txt-ports 80,443,8009,8080,8081,8090,8180,8443 -paths /root/admin-login.txt -threads 100 -random-agent -x GET,POST -tech-detect -status-code -follow-redirects -title -content-length
3. Используя утилиты:
GitHub - the-c0d3r/admin-finder: Blazing fast admin panel finder with asyncio and aiohttp
Blazing fast admin panel finder with asyncio and aiohttp - the-c0d3r/admin-finder
github.com
GitHub - JehadAlqurashi/HitURL: Hit valid URL
Hit valid URL. Contribute to JehadAlqurashi/HitURL development by creating an account on GitHub.
github.com
GitHub - mIcHyAmRaNe/okadminfinder3: [ Admin panel finder / Admin Login Page Finder ] ¢σ∂є∂ ву 👻 (❤-❤) 👻
[ Admin panel finder / Admin Login Page Finder ] ¢σ∂є∂ ву 👻 (❤-❤) 👻 - mIcHyAmRaNe/okadminfinder3
github.com
GitHub - fnk0c/cangibrina: A fast and powerfull dashboard (admin) finder
A fast and powerfull dashboard (admin) finder. Contribute to fnk0c/cangibrina development by creating an account on GitHub.
github.com
4. Используя поисковые системы:
Shodan (https://www.shodan.io/):
Code:
ssl.cert.subject.cn:"company.com" http.title:"admin"
ssl:"company.com" http.title:"admin"
ssl.cert.subject.cn:"company.com" admin
ssl:"company.com" admin
Fofa (https://fofa.so/):
Code:
cert="company.com" && title="admin"
cert.subject="company" && title="admin"
cert="company.com" && body="admin"
cert.subject="company" && body="admin"
ZoomEye (https://www.zoomeye.org/):
Code:
ssl:company.com +title:"admin"
ssl:company.com +admin
Censys (IPv4 (https://censys.io/ipv4)):
Code:
(services.tls.certificates.leaf_data.issuer.common_name:company.com) AND services.http.response.html_title:admin
(services.tls.certificates.leaf_data.issuer.common_name:company.com) AND services.http.response.body:admin