Manual broken link monitoring

When I started with bug bounty hunting, I became interested in all bugs related to URLs, one of my favorite and easy to exploit / find bugs, are broken link takeovers.

I have found a few since I started, but all of them were links to nonexistent social media accounts. So nothing really critical here, but it’s always fun to have a big company link customers to your social media account. Some companies even give you a bounty if you report it to them!

I’ve noticed that most of the broken links to social media, happen because companies rename their pages. Especially pages made for Belgian customers, or maybe customers from countries where they speak more than one language in general. For example, I’ve seen renames from company_benl to company_be or CompanyBelgium to CompanyBenelux.

One way to manually monitor this kind of name changes, is by following them on Facebook. Facebook notifies followers of pages, once the page name has been changed. I just found a broken link to a Facebook page this way, and because of this I found out the URL to their Instagram is also broken. I immediately reported this to the company. Once I have a reply I will update this post.