News
! Version 1.5
! Auto activate JS during scan if the webite is full JS (website 2.0)
! Adding Dockerfile
Features
TODO
P1 is the most important
Usage
pip(3) install -r requirements.txt
If problem with pip3:
sudo python3 -m pip install -r requirements.txt
usage: hawkscan.py [-h] [-u URL] [-w WORDLIST] [-s SUBDOMAINS] [-t THREAD] [-a USER_AGENT] [–redirect] [-r]
Optional Arguments:
-h, –help show this help message and exit
-u URL URL to scan [required]
-w WORDLIST Wordlist used for URL Fuzzing. Default: dico.txt
-s SUBDOMAINS Subdomain tester
-t THREAD Number of threads to use for URL Fuzzing. Default: 20
-a USER_AGENT Choice user-agent
–redirect For scan with redirect response (301/302)
-r Recursive dir/files
-p PREFIX Add prefix in wordlist to scan
-o OUTPUT Output to site_scan.txt (default in website directory)
-b Add a backup file scan like ‘exemple.com/~exemple/, exemple.com/ex.php.bak…’ but longer
-H HEADER_ modify HEADER
–exclude EXCLUDE To define a page or response code status type to exclude during scan
–timesleep TS To define a timesleep/rate-limit if app is unstable during scan
–auto Automatic threads depending response to website. Max: 30
–update For automatic update
Examples
//Basic
python hawkscan.py -u https://www.exemple.com -w dico_extra.txt
//With redirect
python hawkscan.py -u https://www.exemple.com -w dico_extra.txt -t 5 –redirect
//With backup files scan
python hawkscan.py -u https://www.exemple.com -w dico_extra.txt -t 5 -b
//With an exclude page
python hawkscan.py -u https://www.exemple.com -w dico_extra.txt -t 5 –exclude https://www.exemple.com/profile.php?id=1
//With an exclude response code
python hawkscan.py -u https://www.exemple.com -w dico_extra.txt -t 5 –exclude 403
Credit: Layno & Sanguinarius & Cyber_Ph4ntoM
AutoExif is a powerful Bash script designed to streamline the process of editing image metadata…
SimpleImager V4.3, your go-to tool for streamlined system imaging and data acquisition. Designed to simplify…
MetaOSINT enables open source intelligence ("OSINT") practitioners to jumpstart their investigations by quickly identifying relevant,…
ThreatPinch Lookup creates informational tooltips when hovering oven an item of interest on any website.…
Myself and any other potential contributors to this website are NOT in any way affiliated…
The Mobile Evidence Acquisition Toolkit designed by BlackStone Discovery. Developed to enhance digital forensics, this…