EyeWitness

Website scanner

An automated web vulnerability scanning tool designed to take screenshots of websites and identify default credentials.

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

GitHub

18 stars
0 watching
0 forks
last commit: 6 months ago
Linked from 2 awesome lists


Backlinks from these awesome lists:

Related projects:

Repository Description Stars
r0075h3ll/oralyzer A tool to identify vulnerabilities in web applications by probing for Open Redirections and other types of attacks. 753
lirantal/is-website-vulnerable A tool that scans websites for publicly known security vulnerabilities in their frontend JavaScript libraries. 1,937
whwlsfb/log4j2scan A tool that scans websites for Log4j2 remote code execution vulnerabilities using multiple DNS log platforms and supports various scan types 773
byt3bl33d3r/witnessme A tool that uses headless Chromium to take screenshots of webpages and provides additional functionality for inventory management. 732
kathanp19/gaussrf A tool for identifying potential vulnerabilities in websites by fetching known URLs and filtering out ones with open redirects or SSRF parameters. 165
edoardottt/cariddi A tool for crawling and scanning websites for sensitive information such as endpoints, secrets, and tokens. 1,536
samuirai/gracker A web application security testing tool built using Groovy and leveraging web technologies to identify vulnerabilities in web applications. 9
thesp0nge/dawnscanner A security scanner designed to review web applications for potential vulnerabilities. 737
emo-crab/observer_ward A tool for identifying vulnerabilities in web applications and services by analyzing patterns of web servers and services 1,270
m0nad/hellraiser Scans networks to identify vulnerabilities by correlating CPEs with CVEs using an API 562
1n3/blackwidow A Python-based web application scanner that gathers OSINT and fuzz data to identify OWASP vulnerabilities on target websites. 1,531
assetnote/surf A tool that identifies and filters potential Server-Side Request Forgery (SSRF) vulnerabilities in cloud environments by probing external hosts. 533
usscltd/dorks Automates searching for vulnerabilities in databases and websites using predefined query patterns 199
sectooladdict/wavsep An open-source tool for evaluating web application vulnerabilities by analyzing the separation of concerns in web applications. 228
david-a-wheeler/flawfinder Analyzes C/C++ source code for security vulnerabilities and reports potential flaws. 489