Gather Information about a Target Website using Photon
Photon is a Python script used to crawl a given target URL to obtain information such as URLs (in-scope and out-of-scope), URLs with parameters, email addresses, social media accounts, files, secret keys and subdomains. The extracted information can further be exported in the JSON format.
Open kali linux terminal and flow this commands
$ git clone https://github.com/s0md3v/Photon.git
$ cd Photon
$ python3 Photon.py -h
Type python3 photon.py -u http://www.airbnb.com and press Enter to crawl the target website for internal, external and scripts URLs.
The results obtained are saved in www.airbnb.com directory under Photon folder.
Type ls and press Enter to view the folder content.
You can observe that a directory named www.airbnb.com is created, as
shown in the screenshot.
Similarly, you can view internal and scripts text files containing URLs that are crawled by Photon tool.
Now, type python3 photon.py -u http://www.airbnb.com -l 3 -t 200 — wayback and press Enter to crawl the target website using URLs from archive.org.
The results obtained are saved in www.airbnb.com directory under Photon folder. You can navigate to the www.certifiedhacker.com folder to view the result.
You can further explore the Photon tool and perform various other functionalities such as the cloning of the target website, extracting secret keys and cookies, obtaining strings by specifying regex pattern, etc. Using this information, the attackers can perform various attacks on the target website such as brute-force attacks, denial-of-service attacks, injection attacks, phishing attacks and social engineering attacks.
This concludes the demonstration of gathering information on a target website using the Photon tool