Jul 26, 2017
On penetration tests we are often-times faced with very large external or internal attack surfaces that are made up of multiple web applications. When there is a need to assess thousands of webapps quickly manually navigating each page with a browser would be very inefficient. In this episode of Tradecraft Security Weekly Beau Bullock (@dafthack) details how to automatically screenshot multiple web applications for quick analysis.
Full Show Notes: https://wiki.securityweekly.com/TS_Episode12
EyeWitness - https://github.com/ChrisTruncer/EyeWitness
Rawr - https://bitbucket.org/al14s/rawr/wiki/Home
httpscreenshot - https://github.com/breenmachine/httpscreenshot
Peeping Tom - https://bitbucket.org/LaNMaSteR53/peepingtom/
PowerWebShot - https://github.com/dafthack/PowerWebShot