Web Screenshot – webscreenshot.py is a great tool which comes in handy when a penetration tester needs to quickly identify potential vulnerabilities on a massive website.
Installation and usage
The installation is a straight forward process, you just have to clone the github repository:
The usage is as simple as providing the -i option with an input file with url-s – one url per line:
python3 webscreenshot.py -i input
The following picture shows how simple and effective the use of webscreenshot is:
This tool is really helpful for any bug bounty hunter or web application penetration tester who deals with a large domain or multiple domains with thousands of urls. The first entry point on red teaming engagements can be found easily sometimes due to the possibility to view all the pages in a gallery which is much faster than browsing the pages one by one.
The tool also has a nice support for cookies, headers, proxies which is the reason I give 4/5 bunnies for this tool:
Want To Learn More About Ethical Hacking?
Do you know of another GitHub related hacking tool?
Get in touch with us via the contact form if you would like us to look at any other GitHub ethical hacking tools.
Latest posts by damjan cvetanovic (see all)
- Nmap Automator – a tool I used during OSCP for simple recon - December 5, 2019
- Turbolist3r – An Automated Subdomain Scanning Tool - December 4, 2019
- webscreenshot.py | A Simple script that aids in testing large websites - December 3, 2019