Aquatone — Screenshots & Visual Recon | Tools

Description

Aquatone is a tool for visual inspection of websites across a large amount of hosts. It creates screenshots and an interactive HTML report, making it easy to quickly gain an overview of HTTP-based attack surface.

Installation

BASH

                            # Download from releases
wget https://github.com/michenriksen/aquatone/releases/latest/download/aquatone_linux_amd64.zip
unzip aquatone_linux_amd64.zip -d /usr/local/bin/
                        

Basic Usage

                        BASH
                        
                            # Pipe URLs
cat urls.txt | aquatone

# From subdomains
cat subs.txt | aquatone

Advanced Usage

                        BASH
                        
                            # Custom ports
cat subs.txt | aquatone -ports medium

# Custom output directory
cat subs.txt | aquatone -out target-aquatone/

# Custom timeout
cat subs.txt | aquatone -scan-timeout 500

# Number of threads
cat subs.txt | aquatone -threads 5

# Custom resolution
cat subs.txt | aquatone -resolution "1920,1080"

Common Workflows

BASH

                            # Full visual recon
subfinder -d target.com -silent | httpx -silent | aquatone -out target-recon/

# Open report in browser
firefox target-recon/aquatone_report.html
                        