dEEpEst Posted May 16, 2019 Share Posted May 16, 2019 This is the hidden content, please Sign In or Sign Up ABOUT: BlackWidow is a python based web application spider to gather subdomains, URL's, dynamic parameters, email addresses and phone numbers from a target website. This project also includes Inject-X fuzzer to scan dynamic URL's for common OWASP vulnerabilities. DEMO VIDEO: FEATURES: Automatically collect all URL's from a target website Automatically collect all dynamic URL's and parameters from a target website Automatically collect all subdomains from a target website Automatically collect all phone numbers from a target website Automatically collect all email addresses from a target website Automatically collect all form URL's from a target website Automatically scan/fuzz for common OWASP TOP vulnerabilities Automatically saves all data into sorted text files LINUX INSTALL: cp blackwidow /usr/bin/blackwidow cp injectx.py /usr/bin/injectx.py pip install -r requirements.txt USAGE: blackwidow -u https://target.com - crawl target.com with 3 levels of depth. blackwidow -d target.com -l 5 -v y - crawl the domain: target.com with 5 levels of depth with verbose logging enabled. blackwidow -d target.com -l 5 -c 'test=test' - crawl the domain: target.com with 5 levels of depth using the cookie 'test=test' blackwidow -d target.com -l 5 -s y -v y - crawl the domain: target.com with 5 levels of depth and fuzz all unique parameters for OWASP vulnerabilities with verbose logging on. injectx.py -u https://test.com/uers.php?user=1&admin=true -v y - Fuzz all GET parameters for common OWASP vulnerabilities with verbose logging enabled. SAMPLE REPORT: This is the hidden content, please Sign In or Sign Up DOCKER: This is the hidden content, please Sign In or Sign Up cd BlackWidow docker build -t blackwidow . docker run -it blackwidow # Defaults to --help Download: This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
ABOUT: BlackWidow is a python based web application spider to gather subdomains, URL's, dynamic parameters, email addresses and phone numbers from a target website. This project also includes Inject-X fuzzer to scan dynamic URL's for common OWASP vulnerabilities. DEMO VIDEO: FEATURES: Automatically collect all URL's from a target website Automatically collect all dynamic URL's and parameters from a target website Automatically collect all subdomains from a target website Automatically collect all phone numbers from a target website Automatically collect all email addresses from a target website Automatically collect all form URL's from a target website Automatically scan/fuzz for common OWASP TOP vulnerabilities Automatically saves all data into sorted text files LINUX INSTALL: cp blackwidow /usr/bin/blackwidow cp injectx.py /usr/bin/injectx.py pip install -r requirements.txt USAGE: blackwidow -u https://target.com - crawl target.com with 3 levels of depth. blackwidow -d target.com -l 5 -v y - crawl the domain: target.com with 5 levels of depth with verbose logging enabled. blackwidow -d target.com -l 5 -c 'test=test' - crawl the domain: target.com with 5 levels of depth using the cookie 'test=test' blackwidow -d target.com -l 5 -s y -v y - crawl the domain: target.com with 5 levels of depth and fuzz all unique parameters for OWASP vulnerabilities with verbose logging on. injectx.py -u https://test.com/uers.php?user=1&admin=true -v y - Fuzz all GET parameters for common OWASP vulnerabilities with verbose logging enabled. SAMPLE REPORT: This is the hidden content, please Sign In or Sign Up DOCKER: This is the hidden content, please Sign In or Sign Up cd BlackWidow docker build -t blackwidow . docker run -it blackwidow # Defaults to --help Download: This is the hidden content, please Sign In or Sign Up
Recommended Posts