EyeWitness is a web application triage tool. It's designed to take a file from the user containing web pages, gather server header information, take a screenshot of the web page, and then organize all the information in a report. Additionally, EyeWitness will warn you about invalid SSL certificates, and attempt to identify any default credentials that may apply to the website.
1. EyeWitness – A Web
Application Info-Gathering
Tool
@ChrisTruncer
2. What’s it do?
! Designed to screenshot web applications that’s been
provided by the user.
! Text File
! Nmap XML Output
! .Nessus
! Gather server header information
! Identify default credentials
! Generates a report
4. Why write it?
! Inspiration came from Tim Tomes’s PeepingTom
! Awesome tool
! Fix Blank Images
! Try a different screenshot library
! Ghost.py
! Stop wasting time looking up default creds
! A thought exercise
7. Create Web App “Signatures”
! Create signature from web page source
! Multiple Strings are OK
! Find the default creds
! Format all the things!
! Signature|creds
! Signature;A Long Signature;Signature|creds
! All signatures must be present or no match
8. Future Enhancements
! Group “similar” web apps together
! Printers
! Mirrored websites
! Etc.
! Looking for other suggestions… J
! More default creds…