⚙️Some ways to find company admin panels 💻
- Using Google Dorks:
site: target.com inurl: admin | administrator | adm | login | l0gin | wp-login
intitle: "login" "admin" site: target.com
intitle: "index of / admin" site: target.com
inurl: admin intitle: admin intext: admin
- Using httpx and a wordlist:
httpx -l hosts.txt -paths /root/admin-login.txt -threads 100 -random-agent -x GET, POST -tech-detect -status-code -follow-redirects -title -content-length
httpx -l hosts.txt-ports 80,443,8009,8080,8081,8090,8180,8443 -paths /root/admin-login.txt -threads 100 -random-agent -x GET, POST -tech-detect -status- code -follow-redirects -title -content-length
- Using utilities:
https://github dot com/the-c0d3r/admin-finder
https://github dot com/RedVirus0/Admin-Finder
https://github dot com/mIcHyAmRaNe/okadminfinder3
https://github dot com/penucuriCode/findlogin
https://github dot com/fnk0c/cangibrina
- Using search engines:
Sh0dan:
ssl.cert.subject.cn:"company.com "http.title:" admin "
ssl: "company.com" http.title: "admin"
ssl.cert.subject.cn:"company.com "admin
ssl: "company.com" admin
Fofa:
cert = "company.com" && title = "admin"
cert.subject = "company" && title = "admin"
cert = "company.com" && body = "admin"
cert.subject = "company" && body = "admin"
ZoomEye:
ssl: company.com + title: "admin"
ssl: company.com + admin
Censys (IPv4):
(services.tls.certificates.leaf_data.issuer.common_name: company.com) AND services.http.response.html_title: admin
(services.tls.certificates.leaf_data.issuer.common_name: company.com) AND services.http.response.body: admin
Top comments (1)
please sir i am interested and like to learn this but this is not clear to me. i dont understand this.