Facebook Graph API- Information Gathering

Facebook is one pf the best and a popular social networking platform millions of people are using facebook for different purposes. Being at the top facebook has faced and are facing a lot of security problems and threat from hackers. Facebook has recently updated different stuffs like privacy setting, however facebook provides an effective way to secure a profile but many user got hacked and this is happening.


The question is same how? If you got hacked than this your fault not a facebook fault, well the profile security is not a point of consideration for this article. In this article I will discuss Graph API a facebook developer tool. Keep in mind the operation facebook by anonymous.

What Is Graph API in Facebook

The Graph API is the core of Facebook Platform, enabling you to read and write data to Facebook. So if you want to play with Facebook graph API follow the procedure below.

Reading Friend Requests
You can now read friend requests with the Graph API by issuing an HTTP GET request with a user access_token with the read_requests permission to:
Keep in mind that user_ID is www.facebook.com/username
This simple PHP example gets and prints a user’s friend requests:
$app_id = 'YOUR_APP_ID';
$app_secret = 'YOUR_APP_SECRET';
$my_url = 'YOUR_URL';
$code = $_REQUEST["code"];
echo '';
if(!$code) {
// Get permission from the user to publish to their page.
$dialog_url = "http://www.facebook.com/dialog/oauth?client_id="
. $app_id . "&redirect_uri=" . urlencode($my_url)
. "&scope=read_requests";
echo('');
} else {
// Get access token for the user
$token_url = "https://graph.facebook.com/oauth/access_token?client_id="
. $app_id . "&redirect_uri=" . urlencode($my_url)
. "&client_secret=" . $app_secret
. "&code=" . $code;
$access_token = file_get_contents($token_url);
$notifications = "https://graph.facebook.com/me/friendrequests?"
. $access_token;
$response = file_get_contents($notifications);
$resp_obj = json_decode($response,true);
echo '
'; 
print_r($resp_obj);
echo '';
}
echo '';
?>
If you want to see banned user than use this:
If you want to see the specific user that is banned
If you are not understand that what actually these URL's do than please go off from this article, but if you want to learn than here is the key point, these things are useful in the process of information gathering. Gather maximum information about any user to do social engineering attack. So here is the more tips, if you want to retrive information about friends use
Remember you can replace me with another user name. Below is the URL to read home feed you can read other user feed too use your brain now.
For profile feed





Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.