└── README.md


/README.md:
--------------------------------------------------------------------------------
 1 | # URL obfuscation
 2 | 
 3 | Different methods to obfuscate URLs.
 4 | 
 5 | Tools will come soon.
 6 | 
 7 | ## Examples
 8 | 
 9 | Consider `http://facebook.com` as target URL.
10 | 
11 | Tested so far on Mozilla Firefox 56.0 and Google Chrome 62.0.3202.89.
12 | 
13 | ### Dummy HTTP basic auth
14 | 
15 | Firefox shows an alert confirmation.
16 | 
17 | `http://dummy_username@facebook.com`
18 | 
19 | ### URL redirection
20 | 
21 | Similar to URL shortener.
22 | 
23 | The sample domain needs to be replaced with a real URL redirection.
24 | 
25 | A third exploitable website could be used. See for example [Joomla! 1.5 - URL Redirecting](https://www.exploit-db.com/exploits/14722/).
26 | 
27 | `http://sample.tld/redirect-to=facebook.com`
28 | 
29 | ### URL shortener
30 | 
31 | `https://goo.gl/mS4A`
32 | 
33 | ### IP obfuscation
34 | 
35 | #### Decimal 8 bits
36 | 
37 | `http://31.13.83.36`
38 | 
39 | #### Decimal 32 bits
40 | 
41 | `http://520966948`
42 | 
43 | #### Octal 8 bits
44 | 
45 | `http://037.015.0123.044`
46 | 
47 | #### Octal 32 bits
48 | 
49 | `http://03703251444`
50 | 
51 | #### Hexadecimal 8 bits
52 | 
53 | `http://0x1f.0xd.0x53.0x24`
54 | 
55 | #### Hexadecimal 32 bits
56 | 
57 | `http://0x1f0d5324`
58 | 
59 | ## Mixings
60 | 
61 | ### Dummy HTTP basic auth + decimal 32 bits
62 | 
63 | `http://github.com@520966948`
64 | 


--------------------------------------------------------------------------------