Description
EyeWitness is designed to take screenshots of websites, provide server header information, and identify default credentials if possible. It generates an HTML report for quick visual inspection of large-scale web application assessments.
Installation
BASH
git clone https://github.com/RedSiege/EyeWitness.git
cd EyeWitness/Python/setup
sudo ./setup.sh
Basic Usage
BASH
# From file
./EyeWitness.py -f urls.txt --web
# Single URL
./EyeWitness.py --single https://target.com --web
Advanced Usage
BASH
# Custom timeout
./EyeWitness.py -f urls.txt --web --timeout 30
# Custom user-agent
./EyeWitness.py -f urls.txt --web --user-agent "Custom Agent"
# With proxy
./EyeWitness.py -f urls.txt --web --proxy-ip 127.0.0.1 --proxy-port 8080
# Active scan (attempts to identify default creds)
./EyeWitness.py -f urls.txt --web --active-scan
# Custom output directory
./EyeWitness.py -f urls.txt --web -d output_dir/
Common Workflows
BASH
# Visual recon on all discovered hosts
subfinder -d target.com -silent | httpx -silent > alive.txt
./EyeWitness.py -f alive.txt --web -d target-screenshots/
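The workflow above screenshots whatever the discovery step returns, so it helps to restrict the list to the engagement's scope domain and remove duplicates before EyeWitness runs. This is an added example, not part of EyeWitness or the original page; the function name `filter_in_scope` and the sample URLs are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: keep only http(s) URLs whose host is the scope domain or a
# subdomain of it, and drop duplicates. A suffix match on the parsed host
# avoids look-alikes such as nottarget.com or target.com.evil.example.
# Usage: filter_in_scope <scope-domain> < urls > in-scope-urls
filter_in_scope() {
    scope=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    awk -v scope="$scope" '
    {
        url = $0
        sub(/\r$/, "", url)                 # tolerate CRLF input
        host = tolower(url)
        if (host !~ "^https?://") next      # skip blanks and non-URL lines
        sub("^https?://", "", host)         # strip scheme
        sub("[/?#].*$", "", host)           # strip path, query, fragment
        sub(/^.*@/, "", host)               # strip userinfo (user@host)
        sub(/:[0-9]+$/, "", host)           # strip port
        n = length(host) - length(scope)
        in_scope = (host == scope) || (n > 1 && substr(host, n) == ("." scope))
        if (in_scope && !seen[url]++) print url
    }'
}

# Constructed sample input, standing in for the output of the discovery step.
sample_urls() {
    cat <<'EOF'
https://target.com
https://app.target.com:8443/login
https://app.target.com:8443/login
https://nottarget.com
https://target.com.evil.example
https://evil.example/?next=target.com
https://target.com@evil.example/
http://DEV.target.com

not-a-url
EOF
}

sample_urls | filter_in_scope target.com

# In the workflow above the filter sits between discovery and screenshots:
#   subfinder -d target.com -silent | httpx -silent | filter_in_scope target.com > alive.txt
#   ./EyeWitness.py -f alive.txt --web -d target-screenshots/
```

Only the host portion is compared, so a scope string appearing in a path, query or userinfo component does not let a URL through.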