LEFT SIDEBAR AD

Hidden in mobile, Best for skyscrapers.

Reconnaissance on archive URLs

8 hours ago 5
BOOK THIS SPACE FOR AD
ARTICLE AD

Mayank Kumar Prajapati

Wayback machine is a digital archive of world wide web that allows users to access and view historical snapshots of web pages, enabling them to see how a website looked and functioned at various points in time. This is achieved by periodically crawling and storing copies of web pages.

1. waybackurls

Waybackurls is a golang based tool that can be used for crawling domains archived/indexed by wayback machine.

2. unfurl

This is another great tool to have that is used to perform filtration on endpoints extracted from wayback archieve using waybackurls tool.

waybackurls example.com > output.txt

You can also refer to the below link to have a quick look on browser UI of the archive URLs. Just replace evil.com with your target/domain.

https://web.archive.org/cdx/search/cdx?url=*.evil.com&fl=original&collapse=urlkey

(i). Enumerating subdomains

Subdomains enumeration is also possible from the URLs enumerated from waybackurls tool.

cat output.txt | unfurl --unique domains

(ii). Searching for tokens

cat output.txt | unfurl --unique values | grep -E '^ey.*\..*\..*'

(iii). Finding parameters

cat output.txt | unfurl --unique keys
cat output.txt | grep auto= | head -n 1

Thanks for reading this:) Hope it helps..

Read Entire Article
  3. Reconnaissance on archive URLs

Related

Cloud Hacking : flaws.cloud level 1 walkthrough

Cloud Hacking : flaws.cloud level 1 walkthrough

captainX404

captainX404

Forbidden Bypass Cloudflare Zero Trust

Forbidden Bypass Cloudflare Zero Trust

HTML encode ilə XSS və HTML İnjection hücumlarının qarşısının alınması

HTML encode ilə XSS və HTML İnjection hücumlarının qarşısının alınması

Unveiling a Critical Bug in One of the World’s Largest Banks: My Barclays Story

Unveiling a Critical Bug in One of the World’s Largest Banks: My Barclays Story

The $900 Bug: My Journey Through SSRF and LFI Exploits

The $900 Bug: My Journey Through SSRF and LFI Exploits

Trending

1. Sana Khan
2. Harshit Rana
3. West Indies vs Bangladesh
4. Pam Bondi
5. Mukesh Ambani
6. Zebra Movie
7. Mechanic Rocky
8. Sports
9. C2C Advanced Systems IPO GMP
10. Yeh Kaali Kaali Ankhein Season 2

Popular

Install waybackurls on Kali Linux

Install waybackurls on Kali Linux

1-click RCE in Electron Applications

1-click RCE in Electron Applications

Microsoft Office Professional Plus 2019 (x64 & x86) Multilingual + Pre-Activated

Microsoft Office Professional Plus 2019 (x64 & x86) Multilingual + Pre-Activated

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Install DalFox on Kali Linux

Install DalFox on Kali Linux

Adobe Master Collection CC 2022 v25.08.2022 (x64) Multilingual Pre-Activated

Adobe Master Collection CC 2022 v25.08.2022 (x64) Multilingual Pre-Activated

Maxon CINEMA 4D Studio S22.123 (x64) Multilingual + Crack

Maxon CINEMA 4D Studio S22.123 (x64) Multilingual + Crack

Autodesk Revit 2023 R1 Build 23.0.11.19 (x64) Multilingual + Crack

Autodesk Revit 2023 R1 Build 23.0.11.19 (x64) Multilingual + Crack

‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market

‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market

Just Gopher It: Escalating a Blind SSRF to RCE for $15k

Just Gopher It: Escalating a Blind SSRF to RCE for $15k

BOOK THIS SPACE FOR AD
RIGHT SIDEBAR BOTTOM AD
Bengali (Bangladesh) Bengali (Bangladesh) · English (United States) English (United States) ·
About Us · Terms & Condition · Contact Us
© Security Alert 2024. All rights are reserved