BlackWidow is a python based web application for collection subdomains, URLs, dynamic parameters, email addresses and phone numbers from a website.
This project also includes the Inject-X fuzzer to scan dynamic URLs and for vulnerabilities OWASP.
Specifications
- Automatically collect all URLs from one site
- Automatically collect all dynamic URLs and parameters from a site
- Automatically collect all subdomains from one site
- Automatically collect all phone numbers from one site
- Automatically collect all email addresses from one site
- Automatically collect all form URLs from one site
- Automatic scan / fuzz for common OWASP TOP vulnerabilities
- Automatically saves everything data in sorted text files
Installation
git clone https://github.com/1N3/BlackWidow.git cp blackwidow / usr / bin / blackwidow cp injectx.py /usr/bin/injectx.py pip install -r requirements.txt
Use
u https://target.com - crawl target.com with 3 levels of depth. -d target.com -l 5 - crawl the domain: target.com with 5 levels of depth. -d target.com -l 5 -sy - crawl the domain: target.com with 5 levels of depth and fuzz all unique parameters for OWASP vulnerabilities.
Application snapshots
Video guide
https://www.youtube.com/watch?v=mch8ht47taY&feature=emb_title
You can download it program from here.