Show HN: A tool that alerts when 404s silently return 200

heberjulio65.medium.com

2 points by kurogai 8 hours ago

Hey HN,

I recently ran into a scenario where a page that used to return a 404 suddenly started returning 200 — without warning. This led to the discovery of a forgotten admin endpoint being accidentally reactivated.

I wrote a short post about this issue and how it can surface subtle security or logic flaws.

Along the way, I built a small tool (ReconSnap) to help monitor this kind of thing — basically, it tracks web changes, auto-saves pages, and can react to specific conditions like status code flips, keyword appearance, or DOM mutations. It’s aimed mostly at security folks, OSINT researchers, and curious developers.

I realize this may seem like a bit of a promo, but I genuinely use it myself and figured it might be useful to others too. Feedback is welcome!

Here’s the post: https://medium.com/@heberjulio65/when-an-404-suddenly-turns-...

bubblebeard 8 hours ago

Interesting, this is a problem I have never considered. Regarding DOM changes though, wouldn’t it make more sense to monitor files for unexpected changes instead?

  • kurogai 7 hours ago

    That makes sense — if you’re monitoring from within the system and have access to files directly, that’s definitely a more robust way to detect changes.

    But my use case is more external-facing.

    So the only thing you can rely on is what the browser sees — HTML, DOM, JS. In that context, unexpected DOM changes (like a hidden login form reappearing, or a 403 turning into a 200) can be quite telling.

    What do you think?

    • bubblebeard 7 hours ago

      Ah of course, that makes sense then. What about dynamic DOM content though? Like content produced by PHP or similar. Is that filtered somehow or does this analysis expect static content?
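
The kind of external check discussed in this thread, as an added example that is not part of the thread and not ReconSnap's code: it compares two stored snapshots of one URL, flags an error status that starts succeeding and keywords that newly appear, and blanks per-request values before hashing so server-rendered pages do not alert on every poll. The snapshot shape, the keyword list, the `csrf_token` field name and the sample pages are assumptions constructed for illustration.

```python
import hashlib
import re

# Values that change on every request to a server-rendered page (assumed set).
VOLATILE = [
    (re.compile(r'(name="csrf_token"\s+value=")[^"]*'), r"\1"),
    (re.compile(r"\b\d{4}-\d{2}-\d{2}[T ]\d{2}:\d{2}:\d{2}\b"), "<ts>"),
]
ERROR_CODES = (401, 403, 404)

def normalize(body):
    """Blank out per-request values and collapse whitespace."""
    for pattern, repl in VOLATILE:
        body = pattern.sub(repl, body)
    return re.sub(r"\s+", " ", body).strip()

def fingerprint(body):
    """Hash of the normalized body, used to detect real content changes."""
    return hashlib.sha256(normalize(body).encode()).hexdigest()

def compare(old, new, keywords=("login", "admin")):
    """Return alert strings for the old and new snapshot of one URL."""
    alerts = []
    if old["status"] != new["status"]:
        # An error page that starts succeeding is the case from the post.
        flipped = old["status"] in ERROR_CODES and 200 <= new["status"] < 300
        kind = "status-flip" if flipped else "status-change"
        alerts.append(f"{kind} {old['status']}->{new['status']}")
    old_text = normalize(old["body"]).lower()
    new_text = normalize(new["body"]).lower()
    for kw in keywords:
        if kw in new_text and kw not in old_text:
            alerts.append(f"keyword-appeared {kw}")
    if fingerprint(old["body"]) != fingerprint(new["body"]):
        alerts.append("content-changed")
    return alerts

# Constructed snapshots (not real captures).
BASELINE = {"status": 404, "body": "<h1>Not Found</h1>"}
CURRENT = {"status": 200, "body": "<form><button>Admin login</button></form>"}
DYNAMIC_A = {"status": 200, "body": '<p>Rendered 2024-01-01 10:00:00</p>'
             '<input name="csrf_token" value="aaa111">'}
DYNAMIC_B = {"status": 200, "body": '<p>Rendered 2024-01-02 11:30:05</p>'
             '<input name="csrf_token" value="bbb222">'}

if __name__ == "__main__":
    print(compare(BASELINE, CURRENT))
    print(compare(DYNAMIC_A, DYNAMIC_B))
```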