Jump to content

Masked link


internal

Recommended Posts

Masked urls like a URL shortner to see where it redirects to? Not sure with nikto, but you can always paste one into http://validator.w3.org/ to see the final redirected URL's or use wget to script a fake scan and ignore the download but keep a debug log to view all the links it 301/302 redirects through. Could be scripted to automate inline and show the output in a console without having to use a browser to visit a malicious link, but I like using http://validator.w3.org/ since it doesn't require giving up your IP to do the lookup.

* http://validator.w3.org/ also lets you look at the source code of the final site so you can check it for malicious code.

Edited by digip
Link to comment
Share on other sites

If you don't mind the destination knowing where you came from you could use my HTTP Traceroute tool which will follow all redirects and give you full information from each one.

http://digi.ninja/projects/http_traceroute.php

Nikto won't help you with this as it is a static scanner, it looks at the URL you gave it and tests for known issue. It will probably tell you if it is a redirect and the next hop but if you are looking at these as used maliciously then they often use multiple hops so won't get to the end.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...