DEV Community

Hafiz Muhammad Attaullah
Hafiz Muhammad Attaullah

Posted on

To find company admin panels

⚙️Some ways to find company admin panels 💻

  1. Using Google Dorks:

site: target.com inurl: admin | administrator | adm | login | l0gin | wp-login

intitle: "login" "admin" site: target.com

intitle: "index of / admin" site: target.com

inurl: admin intitle: admin intext: admin

  1. Using httpx and a wordlist:

httpx -l hosts.txt -paths /root/admin-login.txt -threads 100 -random-agent -x GET, POST -tech-detect -status-code -follow-redirects -title -content-length

httpx -l hosts.txt-ports 80,443,8009,8080,8081,8090,8180,8443 -paths /root/admin-login.txt -threads 100 -random-agent -x GET, POST -tech-detect -status- code -follow-redirects -title -content-length

  1. Using utilities:

https://github dot com/the-c0d3r/admin-finder
https://github dot com/RedVirus0/Admin-Finder
https://github dot com/mIcHyAmRaNe/okadminfinder3
https://github dot com/penucuriCode/findlogin
https://github dot com/fnk0c/cangibrina

  1. Using search engines:

Sh0dan:

ssl.cert.subject.cn:"company.com "http.title:" admin "

ssl: "company.com" http.title: "admin"

ssl.cert.subject.cn:"company.com "admin

ssl: "company.com" admin

Fofa:

cert = "company.com" && title = "admin"

cert.subject = "company" && title = "admin"

cert = "company.com" && body = "admin"

cert.subject = "company" && body = "admin"

ZoomEye:

ssl: company.com + title: "admin"

ssl: company.com + admin

Censys (IPv4):

(services.tls.certificates.leaf_data.issuer.common_name: company.com) AND services.http.response.html_title: admin

(services.tls.certificates.leaf_data.issuer.common_name: company.com) AND services.http.response.body: admin

www.github.com/attaullahshafiq10

Discussion (0)