URL’s & OSINT

By Snooptz. Published in OSINT TEAM. 6 min read, Jan 20, 2024

URL’s Manipulation 4 Reconnaissance

Credits: Bing AI + M3

Hello hello! ⚡

⚡ Nice to see you here!

👀 Are you tired of spending hours searching for information online?

Well, I have some good news for you!

  • Open-source intelligence (OSINT) can help you collect & analyze data from various sources to gain valuable insights. One of the most useful techniques in OSINT is URL manipulation, which involves modifying a website’s URL to access hidden information.

Let’s dive into URL manipulation and its role in OSINT. URLs comprise several parts, including the protocol (http, https), the domain name, the path, and query parameters. Query parameters are the most important for URL manipulation since they can be modified to access different pages, data, or functionality.

So, how can URL manipulation help you in real-life scenarios?

Imagine you’re a journalist investigating a company’s unethical practices. You can use URL manipulation to access hidden pages or directories that reveal information about the company’s operations. Or, as a cybersecurity researcher, you can use URL manipulation to test for vulnerabilities & identify potential security threats.


Here are 30 practical examples of URL manipulation for different scenarios:

1. Accessing a hidden login page: add “/login” to the end of the URL to access the login page.

Example: www.example.com/login

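2. Bypassing login: add “?loggedin=true” to the end of the URL to bypass the login page. This works only when the application trusts a client-supplied flag instead of checking a server-side session.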

Example: www.example.com/dashboard?loggedin=true

3. Changing page parameters: modify the page number or limit parameters to access different pages or more results.

Example: www.example.com/articles?page=2 or www.example.com/search?limit=50

4. Filtering content: add filters to the query parameters to filter content by category, date, location, or other criteria.

Example: www.example.com/products?category=electronics or www.example.com/news?date=2021-07-01

5. Searching for keywords: add the keyword parameter to the URL to search for specific words or phrases.

Example: www.example.com/search?keyword=OSINT or www.example.com/blog?query=artificial+intelligence

6. Testing for vulnerabilities: add known exploit payloads to the URL to test if the website is vulnerable.

Example: www.example.com/vulnerability.php?id=1' or www.example.com/exploit.php?cmd=ls

7. Checking for robots.txt: add “/robots.txt” to the end of the URL to check if the website has a robots.txt file that may reveal hidden directories or pages.

Example: www.example.com/robots.txt

8. Testing for directory listing: add “/directory/” to the end of the URL to test if the directory is accessible and lists the files inside.

Example: www.example.com/images/

9. Enumerating usernames: add a username parameter to the URL to test if the website reveals if a username exists or not.

Example: www.example.com/user.php?username=admin or www.example.com/profile.php?user=john

10. Testing for file inclusion: add known file-inclusion payloads to the URL to test if the website is vulnerable.

Example: www.example.com/index.php?page=../../etc/passwd or www.example.com/view.php?file=/var/log/apache/access.log

11. Accessing a hidden forum: add “/forum” or “/discussion” to the end of the URL to access the forum or discussion page.

Example: www.example.com/forum or www.example.com/discussion

12. Checking for backups: add “/backup” or “/backup.zip” to the end of the URL to check if the website has backups that may contain sensitive information.

Example: www.example.com/backup or www.example.com/backup.zip

13. Accessing a hidden API: add “/api” to the end of the URL to access the API endpoint.

Example: www.example.com/api

14. Checking for file upload vulnerabilities: add known file upload exploits to the URL to test if the website is vulnerable.

Example: www.example.com/upload.php?file=../../etc/passwd or www.example.com/upload.php?file=/etc/shadow

15. Accessing a hidden wiki: add “/wiki” to the end of the URL to access the wiki page.

Example: www.example.com/wiki

16. Checking for subdomains: add a subdomain parameter to the URL to test if the website has subdomains.

Example: www.example.com/subdomain.php?subdomain=blog

17. Testing for SQL injection vulnerabilities: add known SQL injection exploits to the URL to test if the website is vulnerable.

Example: www.example.com/search.php?keyword=' or www.example.com/admin.php?id=1'

18. Checking for XSS vulnerabilities: add known XSS exploits to the URL to test if the website is vulnerable.

Example: www.example.com/search.php?keyword=<script>alert(1)</script>

19. Accessing a hidden chat room: add “/chat” or “/chatroom” to the end of the URL to access the chat room.

Example: www.example.com/chat or www.example.com/chatroom

20. Checking for email addresses: add an email parameter to the URL to test if the website reveals email addresses.

Example: www.example.com/contact.php?email=admin@company.com

21. Accessing a hidden FTP server: add “/ftp” to the end of the URL to access the FTP server.

Example: www.example.com/ftp

22. Checking for server-side includes: add known server-side include exploits to the URL to test if the website is vulnerable.

Example: www.example.com/index.php?page=/etc/passwd

23. Accessing a hidden file: modify the path parameter to access a hidden file.

Example: www.example.com/file.php?path=/etc/passwd

24. Checking for PHP info: add “/phpinfo.php” to the end of the URL to check if the website has a PHP info file that may reveal sensitive information.

Example: www.example.com/phpinfo.php

25. Accessing a hidden video: modify the video parameter to access a hidden video.

Example: www.example.com/video.php?id=1234

26. Checking for server status: add “/server-status” to the end of the URL to check if the website has a server status page that may reveal information about the server.

Example: www.example.com/server-status

27. Accessing a hidden image: modify the image parameter to access a hidden image.

Example: www.example.com/image.php?id=1234

28. Checking for server configuration files: add known server configuration file paths to the URL to test if the website is vulnerable.

Example: www.example.com/config.php or www.example.com/wp-config.php

29. Accessing a hidden audio file: modify the audio parameter to access a hidden audio file.

Example: www.example.com/audio.php?id=1234

30. Checking for hidden links: add “/hidden-links” to the end of the URL to check if the website has hidden links that may reveal sensitive information.

Example: www.example.com/hidden-links
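
Seen from the receiving side, the patterns in the list above show up in the web server's access log once each request target is split into the parts described earlier (path and query parameters) and percent-decoded. The following Python code is an added example, not part of the original article; the rule names, the `classify_target` and `triage` helpers and the log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Paths the article lists as probes for exposed files and status pages.
PROBE_PATHS = {"/phpinfo.php", "/server-status", "/backup", "/backup.zip",
               "/config.php", "/wp-config.php"}
# Patterns for decoded query values, taken from the article's examples.
VALUE_RULES = [
    ("path-traversal", re.compile(r"\.\./")),
    ("system-file", re.compile(r"^/(etc|var/log)/")),
    ("script-tag", re.compile(r"<\s*script", re.I)),
    ("sql-quote", re.compile(r"'")),  # noisy alone: also matches O'Brien
]
AUTH_STATE_PARAMS = {"loggedin"}  # auth state supplied by the client
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

SAMPLE_LOG = [  # constructed access-log lines, not real traffic
    '203.0.113.7 - - [20/Jan/2024:10:00:01 +0000] "GET /articles?page=2 HTTP/1.1" 200 512',
    '203.0.113.7 - - [20/Jan/2024:10:00:02 +0000] "GET /phpinfo.php HTTP/1.1" 404 153',
    '203.0.113.7 - - [20/Jan/2024:10:00:03 +0000] "GET /dashboard?loggedin=true HTTP/1.1" 302 0',
    '203.0.113.7 - - [20/Jan/2024:10:00:04 +0000] "GET /index.php?page=../../etc/passwd HTTP/1.1" 400 0',
    '203.0.113.7 - - [20/Jan/2024:10:00:05 +0000] "GET /search.php?keyword=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 90',
]

def classify_target(target):
    """Return sorted labels for one request target (path plus query)."""
    parts = urlsplit(target)
    labels = set()
    path = unquote(parts.path)
    if path.lower() in PROBE_PATHS:
        labels.add("sensitive-path-probe")
    if "../" in path:
        labels.add("path-traversal")
    # parse_qsl percent-decodes, so %3Cscript%3E is matched as <script>.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name.lower() in AUTH_STATE_PARAMS:
            labels.add("client-auth-flag")
        labels.update(label for label, rule in VALUE_RULES if rule.search(value))
    return sorted(labels)

def triage(log_lines):
    """Map each flagged request target in the log to its labels."""
    findings = {}
    for line in log_lines:
        match = REQUEST_RE.search(line)
        labels = classify_target(match.group(1)) if match else []
        if labels:
            findings[match.group(1)] = labels
    return findings
```

Ordinary pagination such as `/articles?page=2` produces no finding, which is the point of classifying by component rather than alerting on every modified URL.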


Conclusions

URL manipulation is a powerful technique that allows you to modify a website’s URL or query parameters to extract valuable information. This technique is commonly used in Open-Source Intelligence (OSINT) to access hidden information that may not be easily visible on a website’s interface. By manipulating the URL, you can access different parts of the website that may not be publicly available or discover new pages that are not linked to the main website.

URL manipulation can also be used to test for vulnerabilities & security flaws. However, using this technique responsibly & with the website owner’s consent is essential. Some websites may have implemented security measures to prevent URL manipulation, & attempting to access restricted parts of the website without permission can be illegal and thus unethical.

Therefore, it is essential to remember that not all websites are vulnerable to URL manipulation. Ensure you have the website owner’s consent before attempting URL manipulation. By doing so, you can enjoy the benefits of OSINT while being a responsible & ethical user.
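
The security measures mentioned above come down to the server never taking its decisions from the URL. The following Python code is an added example, not part of the original article, contrasting a handler that trusts the “loggedin” and “page” parameters from the list with one that does not; the content root `/srv/app/pages`, the session store and the handler names are hypothetical.

```python
import os
from urllib.parse import urlsplit, parse_qs

BASE_DIR = os.path.realpath("/srv/app/pages")    # assumed content root
SESSIONS = {"constructed-session-id": "alice"}   # server-side session store


def _params(url):
    """First value of each query parameter in the URL."""
    return {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}


def handle_vulnerable(url, cookie=None):
    """Trusts the URL for both the auth state and the file to read."""
    q = _params(url)
    if q.get("loggedin") != "true":
        return ("302", "/login")
    # os.path.join discards BASE_DIR when the parameter is an absolute path.
    return ("200", os.path.normpath(os.path.join(BASE_DIR, q.get("page", "home.html"))))


def handle_hardened(url, cookie=None):
    """Auth comes from the server-side session; the path is confined."""
    q = _params(url)
    if cookie not in SESSIONS:  # a 'loggedin' value in the URL is ignored
        return ("302", "/login")
    target = os.path.realpath(os.path.join(BASE_DIR, q.get("page", "home.html")))
    # Reject anything that resolves outside the content root.
    if os.path.commonpath([BASE_DIR, target]) != BASE_DIR:
        return ("400", "page outside content root")
    return ("200", target)


if __name__ == "__main__":
    url = "https://www.example.com/index.php?loggedin=true&page=/etc/passwd"
    print(handle_vulnerable(url))
    print(handle_hardened(url))
    print(handle_hardened(url, cookie="constructed-session-id"))
```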

🌪️ — Surf Safe & Stay Shield! — 🏄 & Stay Tuned 4 More!!⚡
