Gowitness : A Golang Web Screenshot Utility Using Chrome Headless

Gowitness is a website screenshot utility written in Golang, that uses Chrome Headless to generate screenshots of web interfaces using the command line. Both Linux and macOS is supported, with Windows support ‘partially working‘.

Inspiration for gowitness comes from Eyewitness. If you are looking for something with lots of extra features, be sure to check it out along with these other projects.

Installation

All you would need is an installation of the latest Google Chrome or Chromium and toolitself. Itcan be downloaded using go get -u github.com/sensepost/gowitness or using the binaries available for download from the releases page.

Also Read – Shell Backdoor List : PHP / ASP Shell Backdoor List

Running Using Docker

To screenshot a page using docker, simply run the following command that would also pull the latest gowitness image:

docker run –rm -it -v $(pwd)/screenshots:/screenshots leonjza/gowitness:latest single –url=https://www.google.com

Keep in mind that a folder needs to be mounted into the container for gowitness to write your screenshots to, otherwise they will be lost when the container exits. The container is configured with the /screenshots/ directory as the working directory, so the above command mounts a local screenshots/ directory there.

If you want to read an nmap file, save it locally into a screenshots directory, and use it with:

docker run –rm -it -v $(pwd)/screenshots:/screenshots leonjza/gowitness:latest nmap -f /screenshots/nmap.xml

For any other commands, you can get help similar to the local binary install. For example:

docker run –rm -it -v $(pwd)/screenshots:/screenshots leonjza/gowitness:latest -h
A commandline web screenshot and information gathering tool by @leonjza

Usage:
gowitness [command]

Available Commands:
file Screenshot URLs sourced from a file
help Help about any command
nmap Screenshot services from an Nmap XML file
report Work with gowitness reports
scan Scan a CIDR range and take screenshots along the way
single Take a screenshot of a single URL
version Prints the version of gowitness

Build From Source

To build it from source, follow the following steps:

  • Ensure that you have at least golang version 1.13.
  • Clone this repository and cd into it.
  • Run go build to get the gowitness binary for the current machine.
  • Or, make to build for all targets. Binaries will be in the build/ diretory.

Usage Examples

Screenshot A Single Website

$ gowitness single –url=https://www.google.com/

This should result in a file being created called: https-www.google.com.png

Screenshot A Cidr

$ gowitness scan –cidr 192.168.0.0/24 –threads 20

This should result in many .png images in the current directory when complete. This can would also use 20 threads and not the default of 4.

Generate A Report

$ gowitness report generate

This should result in an report.html file with a screenshot report.

$ gowitness report generate –sort-perception

This should result in an report.html file with a screenshot report where screenshots are sorted using perception hashing.

$ gowitness report list

This should list the entries in the gowitness.db file.

R K

Recent Posts

Kali Linux 2024.4 Released, What’s New?

Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…

12 hours ago

Lifetime-Amsi-EtwPatch : Disabling PowerShell’s AMSI And ETW Protections

This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…

12 hours ago

GPOHunter – Active Directory Group Policy Security Analyzer

GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…

2 days ago

2024 MITRE ATT&CK Evaluation Results – Cynet Became a Leader With 100% Detection & Protection

Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…

5 days ago

SecHub : Streamlining Security Across Software Development Lifecycles

The free and open-source security platform SecHub, provides a central API to test software with…

1 week ago

Hawker : The Comprehensive OSINT Toolkit For Cybersecurity Professionals

Don't worry if there are any bugs in the tool, we will try to fix…

1 week ago