Facebook Graph API - Information Gathering

Facebook is one of the best and most popular social networking platforms; millions of people use Facebook for different purposes. Being at the top, Facebook has faced, and is still facing, a lot of security problems and threats from hackers. Facebook has recently updated different things such as its privacy settings, and it provides an effective way to secure a profile, yet many users have been hacked and this keeps happening.

The question is the same: how? If you got hacked, then this is your fault, not Facebook's fault. However, profile security is not the point of consideration for this article. In this article I will discuss the Graph API, a Facebook developer tool. Keep in mind Operation Facebook by Anonymous.

What Is Graph API in Facebook

The Graph API is the core of the Facebook Platform, enabling you to read and write data to Facebook. So if you want to play with the Facebook Graph API, follow the procedure below.
Reading Friend Requests
You can now read friend requests with the Graph API by issuing an HTTP GET request with a user access_token with the read_requests permission to:
Keep in mind that user_ID is www.facebook.com/username
This simple PHP example gets and prints a user’s friend requests:
<?php
$app_id = 'YOUR_APP_ID';
$app_secret = 'YOUR_APP_SECRET';
$my_url = 'YOUR_URL';
// Authorization code that Facebook appends when it redirects back to $my_url.
$code = isset($_REQUEST['code']) ? $_REQUEST['code'] : null;
echo '<html><body>';
if (!$code) {
    // Get permission from the user to read their friend requests.
    $dialog_url = 'https://www.facebook.com/dialog/oauth?client_id='
        . $app_id . '&redirect_uri=' . urlencode($my_url)
        . '&scope=read_requests';
    echo('<script>top.location.href="' . $dialog_url . '";</script>');
} else {
    // Get access token for the user
    $token_url = 'https://graph.facebook.com/oauth/access_token?client_id='
        . $app_id . '&redirect_uri=' . urlencode($my_url)
        . '&client_secret=' . $app_secret
        . '&code=' . urlencode($code);
    // The token response is appended as the query string below, which
    // assumes it comes back in the form access_token=...
    $access_token = file_get_contents($token_url);
    $notifications = 'https://graph.facebook.com/me/friendrequests?'
        . $access_token;
    $response = file_get_contents($notifications);
    $resp_obj = json_decode($response, true);
    echo '<pre>';
    // Print the decoded friend requests, escaped so names cannot inject HTML.
    echo htmlspecialchars(print_r($resp_obj, true));
    echo '</pre>';
}
echo '</body></html>';
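Seen from the side of the person asked to approve such a request, or of a reviewer checking an app before release, the dialog URL itself shows what is being asked for. The following is an added example, not code from the original article: audit_dialog_url(), the SENSITIVE_SCOPES list and the sample URLs are assumptions made up for illustration.

```php
<?php
// Added example. The scope list is illustrative and the sample URLs are constructed.
const SENSITIVE_SCOPES = ['read_requests', 'read_stream', 'read_mailbox'];

function audit_dialog_url(string $url): array
{
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['host'])) {
        return ['unparseable URL'];
    }
    $findings = [];
    if (strtolower($parts['scheme'] ?? '') !== 'https') {
        $findings[] = 'dialog is not loaded over https';
    }
    parse_str($parts['query'] ?? '', $query);
    // scope is a comma-separated list; ignore it if it is not a plain string.
    $scope = is_string($query['scope'] ?? null) ? $query['scope'] : '';
    foreach (array_filter(array_map('trim', explode(',', $scope))) as $name) {
        if (in_array($name, SENSITIVE_SCOPES, true)) {
            $findings[] = "requests sensitive permission: $name";
        }
    }
    // Without state, the redirect back to the app cannot be tied to the
    // browser session that started the flow (login CSRF).
    if (empty($query['state'])) {
        $findings[] = 'no state parameter';
    }
    $redirect = is_string($query['redirect_uri'] ?? null) ? $query['redirect_uri'] : '';
    if ($redirect === '') {
        $findings[] = 'no redirect_uri';
    } elseif (stripos($redirect, 'https://') !== 0) {
        $findings[] = 'redirect_uri is not https, so the code is sent in clear text';
    }
    return $findings;
}

// Constructed sample dialog URLs: one weak request, one tighter request.
$samples = [
    'http://www.facebook.com/dialog/oauth?client_id=APP_ID'
        . '&redirect_uri=' . urlencode('http://example.com/cb') . '&scope=read_requests',
    'https://www.facebook.com/dialog/oauth?client_id=APP_ID'
        . '&redirect_uri=' . urlencode('https://example.com/cb') . '&scope=email&state=d41f',
];
foreach ($samples as $url) {
    echo $url, "\n";
    foreach (audit_dialog_url($url) ?: ['no findings'] as $finding) {
        echo "  - $finding\n";
    }
}
```

The first sample is flagged for plain http, the read_requests permission, the missing state value and the http redirect_uri; the second produces no findings.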
If you want to see banned users, then use this:
If you want to see a specific user that is banned:
If you do not understand what these URLs actually do, then please leave this article; but if you want to learn, here is the key point: these things are useful in the process of information gathering. Gather maximum information about any user to do a social engineering attack. So here are more tips: if you want to retrieve information about friends, use
Remember that you can replace me with another username. Below is the URL to read the home feed; you can read another user's feed too, so use your brain now.
For the profile feed

Ehacking Staff