EyeWitness
Website scanner
An automated web vulnerability scanning tool designed to take screenshots of websites and identify default credentials.
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
18 stars
0 watching
0 forks
last commit: 6 months ago
Linked from 2 awesome lists
enaqx/awesome-pentest
qazbnm456/awesome-web-securityRelated projects:
| Repository | Description | Stars |
|---|---|---|
 r0075h3ll/oralyzer | A tool to identify vulnerabilities in web applications by probing for Open Redirections and other types of attacks. | 753 |
 lirantal/is-website-vulnerable | A tool that scans websites for publicly known security vulnerabilities in their frontend JavaScript libraries. | 1,937 |
 whwlsfb/log4j2scan | A tool that scans websites for Log4j2 remote code execution vulnerabilities using multiple DNS log platforms and supports various scan types | 773 |
 byt3bl33d3r/witnessme | A tool that uses headless Chromium to take screenshots of webpages and provides additional functionality for inventory management. | 732 |
 kathanp19/gaussrf | A tool for identifying potential vulnerabilities in websites by fetching known URLs and filtering out ones with open redirects or SSRF parameters. | 165 |
 edoardottt/cariddi | A tool for crawling and scanning websites for sensitive information such as endpoints, secrets, and tokens. | 1,536 |
 samuirai/gracker | A web application security testing tool built using Groovy and leveraging web technologies to identify vulnerabilities in web applications. | 9 |
 thesp0nge/dawnscanner | A security scanner designed to review web applications for potential vulnerabilities. | 737 |
 emo-crab/observer_ward | A tool for identifying vulnerabilities in web applications and services by analyzing patterns of web servers and services | 1,270 |
 m0nad/hellraiser | Scans networks to identify vulnerabilities by correlating CPEs with CVEs using an API | 562 |
 1n3/blackwidow | A Python-based web application scanner that gathers OSINT and fuzz data to identify OWASP vulnerabilities on target websites. | 1,526 |
 assetnote/surf | A tool that identifies and filters potential Server-Side Request Forgery (SSRF) vulnerabilities in cloud environments by probing external hosts. | 533 |
 usscltd/dorks | Automates searching for vulnerabilities in databases and websites using predefined query patterns | 199 |
 sectooladdict/wavsep | An open-source tool for evaluating web application vulnerabilities by analyzing the separation of concerns in web applications. | 228 |
 david-a-wheeler/flawfinder | Analyzes C/C++ source code for security vulnerabilities and reports potential flaws. | 489 |