EyeWitness is designed to take screenshots of websites provide some server header info, and identify default credentials if known.
It is designed to run on Kali Linux. It will auto detect the file you give it with the -f flag as either being a text file with URLs on each new line, nmap XML output, or nessus XML output.
The –timeout flag is completely optional, and lets you provide the max time to wait when trying to render and screenshot a web page.
Setup
Also Read – Fail2Ban : Daemon To Ban Hosts That Cause Multiple Authentication Errors
Usage
./EyeWitness.py -f filename –timeout optionaltimeout –open (Optional)
Examples
./EyeWitness -f urls.txt –web
./EyeWitness -x urls.xml –timeout 8 –headless
Docker
Now you can execute it in a docker container and prevent you from install unnecessary dependencies in your host machine.
Usage
docker build –build-arg user=$USER –tag eyewitness .
docker run \
–rm \
-it \
-e DISPLAY=$DISPLAY \ # optional flag in order to use vnc protocol
-v /tmp/.X11-unix:/tmp/.X11-unix \ # optional flag in order to use vnc protocol
-v /path/to/results:/tmp/EyeWitness \
eyewitness \
EyeWitness_flags_and_input
Example #1 – headless capturing
docker run \
–rm \
-it \
-v ~/EyeWitness:/tmp/EyeWitness \
eyewitness \
–web \
–single http://www.google.com
Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…
JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…
The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…
Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…
SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…
Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…