tips adn tricks to find admin panel of a website

How to Find the Admin Panel of a Website for Bug Bounty

Leave a Comment / The Art of Bug Bounty Hunting: A Comprehensive Guide / By
Table Of Contents :

How to find admin panel of a website ?

Although there are many methods to find admin panel of a website but I am going to mention some most relevent types of tips & tricks.

Using Google Dorks

Google is the best way to find admin panel of a website because it holds data of millions of websites and although it is the most popular search engine.

 site: target.com inurl: admin |  administrator |  adm |  login |  l0gin |  wp-login

 intitle: "login" "admin" site: target.com

 intitle: "index of / admin" site: target.com

 inurl: admin intitle: admin intext: admin

Using httpx and a wordlist

 httpx -l hosts.txt -paths /root/admin-login.txt -threads 100 -random-agent -x GET, POST -tech-detect -status-code -follow-redirects -title -content-length

 httpx -l hosts.txt-ports 80,443,8009,8080,8081,8090,8180,8443 -paths /root/admin-login.txt -threads 100 -random-agent -x GET, POST -tech-detect -status-  code -follow-redirects -title -content-length

Using utilities:

There are many automated tools which can be used to automate to find admin panel of a website. This tools can be easily found on github.

 https://github.com/the-c0d3r/admin-finder
 https://github.com/RedVirus0/Admin-Finder
 https://github.com/mIcHyAmRaNe/okadminfinder3
 https://github.com/penucuriCode/findlogin
 https://github.com/fnk0c/cangibrina

Using search engines

As we all know that google is the best search engine but there are some limitations of google that it cannot index servers or iot devices. So, for this comes into play of search engine like shodan, fofa, censys and etc.

Using Shodan

ssl.cert.subject.cn:"company.com "http.title:" admin "

ssl: "company.com" http.title: "admin"

ssl.cert.subject.cn:"company.com" admin

ssl: "company.com" admin

Using fofa

cert = "company.com" && title = "admin"

 cert.subject = "company" && title = "admin"

 cert = "company.com" && body = "admin"

 cert.subject = "company" && body = "admin"

Using zoomeye

 ssl: company.com + title: "admin"

 ssl: company.com + admin

 Censys (IPv4):

 (services.tls.certificates.leaf_data.issuer.common_name: company.com) AND services.http.response.html_title: admin

 (services.tls.certificates.leaf_data.issuer.common_name: company.com) AND services.http.response.body: admin
Spread the love

Related Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top
www.thecyberblogs.com