**Disclaimer
The intended audience for this blog are professionals who are in a beginner/intermediate phase of their career and are interested to explore the treasure trove i.e. the world of scripting and coding. Although the below technique may seem a pretty simple one, this plays a pivotal role while working on Website Security Audit or big Bug Bounty Projects. In some of my future posts, I will be discussing specific use cases and investigation scenarios, where I have benefited a lot from using this or similar bash scripts.
As a security consultant, having worked with multiple clients from different business verticals and nations, I have often felt the need to have an inventory of automated tools that will reduce the mean time for basic analysis/checks while one is on a hunting spree on the internet. With that in mind and a little bit of testing & research, I ended up with a bash script of 17 lines, that helps in checking the HTTP status codes from a dictionary of domains.
My Lab setup:
- Commands are executed in Mac OS X however these bash commands will work on any Linux variant.
- Name of the dictionary of domain lists – test_domains.txt
- Name of the script – website_status_checker.sh
Bash Script website_status_checker.sh
Domain List test_domains.txt
Scenario
The script website_status_checker.sh will read through the dictionary list of domains test_domains.txt and report the HTTP status code for the websites.
Popular HTTP status codes are:
- 200 – OK
- 301 – Moved Permanently
- 302 – Redirected
- 000 – Not Responding / Timeout
Output
From the output, we can see that while our bash script was able to access the first 3 websites in our list, both using HTTP and HTTPS protocols, the last website checklist[.]onlineflora[.]cn was not accessible. As a result, while the first 3 websites returned HTTP 200 response, the last one returned a “not responding” status.
Subscribe to our blog. Also Like and Share !
Github – Where do we fork!
Here is the link to Ethical Securities’ github repository which contains some of the basic code snippets you may find useful.