EyeWitness : Designed To Take Screenshots Of Websites

EyeWitness is designed to take screenshots of websites provide some server header info, and identify default credentials if known.

It is designed to run on Kali Linux. It will auto detect the file you give it with the -f flag as either being a text file with URLs on each new line, nmap XML output, or nessus XML output.

The –timeout flag is completely optional, and lets you provide the max time to wait when trying to render and screenshot a web page.

Setup

  1. Navigate into the setup directory
  2. Run the setup.sh script

Also Read – Fail2Ban : Daemon To Ban Hosts That Cause Multiple Authentication Errors

Usage

./EyeWitness.py -f filename –timeout optionaltimeout –open (Optional)

Examples

./EyeWitness -f urls.txt –web

./EyeWitness -x urls.xml –timeout 8 –headless

Docker

Now you can execute it in a docker container and prevent you from install unnecessary dependencies in your host machine.

  • Note1: execute docker run with the folder path in the host which hold your results (/path/to/results)
  • Note2: in case you want to scan urls from a file, make sure you put it in the volume folder (if you put urls.txt in /path/to/results, then the argument should be -f /tmp/EyeWitness/urls.txt)

Usage

docker build –build-arg user=$USER –tag eyewitness .
docker run \
–rm \
-it \
-e DISPLAY=$DISPLAY \ # optional flag in order to use vnc protocol
-v /tmp/.X11-unix:/tmp/.X11-unix \ # optional flag in order to use vnc protocol
-v /path/to/results:/tmp/EyeWitness \
eyewitness \
EyeWitness_flags_and_input

Example #1 – headless capturing

docker run \
–rm \
-it \
-v ~/EyeWitness:/tmp/EyeWitness \
eyewitness \
–web \
–single http://www.google.com

R K

Recent Posts

WID_LoadLibrary : The Intricacies Of DLL Management In Windows

WID_LoadLibrary is a custom implementation inspired by the Windows API function LoadLibrary, which is used…

14 hours ago

Locksmith : A Tool For Securing Active Directory Certificate Services

Locksmith is a specialized tool designed to identify and remediate vulnerabilities in Active Directory Certificate…

14 hours ago

Uscrapper Vanta : A Cutting-Edge OSINT Tool For Advanced Data Extraction

Uscrapper Vanta is a powerful open-source intelligence (OSINT) tool designed to revolutionize web scraping and…

14 hours ago

Pake : Transforming Webpages Into Desktop Applications

Pake is an innovative tool designed to convert any webpage into a desktop application with…

19 hours ago

Bevy : Exploring The Frontier Of Game Development With Rust

Bevy is an open-source, data-driven game engine built in Rust, designed to simplify game development…

19 hours ago

AppFlowy Cloud : Enhancing Collaboration With Secure Cloud Infrastructure

AppFlowy Cloud is a robust component of the AppFlowy ecosystem, designed to provide secure user…

2 days ago