EyeWitness – A Rapid Web Application Triage Tool

We, at ehacking
used to share
tools that can make the penetration testing process easy
and effective. You might have seen EH Tools shared before and you will witness
the tools that we will share later, but today I have an interesting tool to
discuss; it’s called EyeWitness. Chris Truncer is the man behind this tool; it
has been designed to run on Kali Linux.








EyeWitness is
designed to take screenshots of websites, provide some server header info, and
identify default credentials if possible.

 EyeWitness is designed to take a file, parse
out the URLs, take a screenshot of the web pages, and generate a report of the
screenshot along with some server header information.  EyeWitness is able
to parse three different types of files, a general text file with each url on a
new line, the xml output from a NMap scan, or a .nessus file.  Jason Hill (
@jasonhillva)
worked on creating the XML parsing code for EyeWitness, and provided a lot of
feedback throughout writing it. 

In addition to
providing the file name, you can also optionally provide a maximum timeout
value.  The timeout value is the maximum amount of time EyeWitness waits
for a web page to render, before moving on to the next URL in the list.

Image Credit

Supported Linux Distros:
Debian
7+ (at least stable, looking into testing) (Thanks to @themightyshiv)
CentOS
6.5+ (Thanks to @themightyshiv)
Setup:
1.   
Navigate into the setup
directory
2.   
Run the setup.sh script
Usage:
./EyeWitness.py
-f filename -t optionaltimeout –open (Optional)
Examples:
./EyeWitness
-f urls.txt
./EyeWitness
-f urls.xml -t 8 –open

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

How to Install Kali Linux on VirtualBox [Windows Host] in 2020

Kali Linux is a Debian based Linux distribution, released on the 13th March 2013 as a complete rebuild of BackTrack Linux. It is one of...

Acunetix v13 Release Introduces Groundbreaking Innovations

The newest release of the Acunetix Web Vulnerability Scanner further improves performance and premieres best-of-breed technologies London, United Kingdom – February 5, 2019 – Acunetix,...

What is Ethical Hacking, how to be an Ethical Hacker

Hacking is the process of discovering vulnerabilities in a system and using these found vulnerabilities by gaining unauthorized access into the system to perform...

Basic steps to ensure security Online!

Security concerns are growing day by day due to the growing interconnectivity and technology. Drastic things can happen if you be a little careless...