- Joined
- 11 yrs. 6 mth. 27 days
- Messages
- 5,381
- Reaction score
- 18,380
- Age
- 45
- Wallet
- 11,590$
- [email protected]
Hope everyone can find this tutorial useful. This is my first tutorial over here, and my second post I believe? 
Any feedback would be highly appreciated. So let's start.
--1. Online Admin Scanning
This is the first thing you should do. It's the basic thing. There are 2 good online scanners at the moment. I will share them with you, they're easy to use. The second one is pretty fast.
2. Check robots.txt
This technique might be pretty useful, if robots.txt doesn't contain just useless things. You can easily check robots.txt, just add it at the end of the URL.
Example:
>Robots.txt:
3. Perl scripts
There are many perl scripts on the internet, this is pretty fast way to check out for Admin login page. If you want to use Perl scripts, you need an Active Perl. Download a PERL script from internet and put it somewhere on the hard drive, open CMD, navigate to it and execute it typing: [scriptname].pl. Then you should be alright.
4. Website CrawlerScan every single file and directory of the website, then open suspicious pages, like login.php or member_login.php. To crawl a website you need a website crawler like IntelliTamper or Acunetix. I am using IntelliTamper but I've heard good things about Actunetix too.
5. Admin finder tools
I guess you have read at some point in your life don't use Havij it sucks, right? No actually, sometimes it may be useful. Like when you are finding an admin page. You can download it from their official site or torrent the PRO version.
6. Port Scanning
Sounds like a pen-testing to you? Maybe, but it's useful for Admin Page finding too. Here is a step by step, how-to do it:
First you need an IP to scan ports right?
Open CMD/Terminal and type
PING site.com
Copy the IP and paste it to your Nmap or even to your Blue's Port Scanner ( ). Then search for any suspicious ports.
Note: If you ping the site with "" ."" it wont work.
7. GooglePowa ♥
Last but not least, the google power! Google dorks, I guess you have heard about this. It is completely easy to use this method.
These 3 dorks would find most of the admin login pages.
site: ""admin""site: ""panel""site: ""owner""
-----------------------
Time to finish my tutorial I hope you all enjoyed it.
Any feedback would be highly appreciated. So let's start.--1. Online Admin Scanning
This is the first thing you should do. It's the basic thing. There are 2 good online scanners at the moment. I will share them with you, they're easy to use. The second one is pretty fast.
2. Check robots.txt
This technique might be pretty useful, if robots.txt doesn't contain just useless things. You can easily check robots.txt, just add it at the end of the URL.
Example:
>Robots.txt:
3. Perl scripts
There are many perl scripts on the internet, this is pretty fast way to check out for Admin login page. If you want to use Perl scripts, you need an Active Perl. Download a PERL script from internet and put it somewhere on the hard drive, open CMD, navigate to it and execute it typing: [scriptname].pl. Then you should be alright.
4. Website CrawlerScan every single file and directory of the website, then open suspicious pages, like login.php or member_login.php. To crawl a website you need a website crawler like IntelliTamper or Acunetix. I am using IntelliTamper but I've heard good things about Actunetix too.
5. Admin finder tools
I guess you have read at some point in your life don't use Havij it sucks, right? No actually, sometimes it may be useful. Like when you are finding an admin page. You can download it from their official site or torrent the PRO version.
6. Port Scanning
Sounds like a pen-testing to you? Maybe, but it's useful for Admin Page finding too. Here is a step by step, how-to do it:
First you need an IP to scan ports right?
Open CMD/Terminal and type
PING site.com
Copy the IP and paste it to your Nmap or even to your Blue's Port Scanner ( ). Then search for any suspicious ports.
Note: If you ping the site with "" ."" it wont work.
7. GooglePowa ♥
Last but not least, the google power! Google dorks, I guess you have heard about this. It is completely easy to use this method.
These 3 dorks would find most of the admin login pages.
site: ""admin""site: ""panel""site: ""owner""
-----------------------
Time to finish my tutorial I hope you all enjoyed it.
Verified & Trusted WesternUnion | MoneyGram | Bank - Transferring [299$ BTC for 2000$ WU]
Verified & Trusted Electronics Carding, Carding iPhone, Samsung Carding, MacBook Carding, Laptops Carding