Feed an Nmap XML scan result into EyeWitness to automatically screenshot every discovered web service without opening each URL by hand.
Survey a large IP range of web interfaces during a penetration test and generate a single consolidated report.
Identify web services still running on default credentials during an authorized security audit.
| redsiege/eyewitness | i-tu/hasklig | layout-parser/layout-parser | |
|---|---|---|---|
| Stars | 5,720 | 5,720 | 5,730 |
| Language | Python | Python | Python |
| Setup difficulty | moderate | easy | moderate |
| Complexity | 2/5 | 1/5 | 3/5 |
| Audience | ops devops | developer | researcher |
Figures from each repo's GitHub metadata at analysis time.
Requires running a setup script to create a Python virtual environment, install scripts provided for Windows, Linux, and macOS.
EyeWitness is a Python tool used during security assessments to quickly take screenshots of a large number of websites in one pass. Instead of opening each URL manually in a browser, you give EyeWitness a list of addresses and it visits each one automatically, captures what the page looks like, and saves the results to a report. It also records each server's HTTP headers and checks whether the site appears to be running with default credentials that could be a security issue. The primary audience is penetration testers and security auditors who need to survey many web interfaces during an engagement. Common scenarios include scanning an IP range found during a network assessment, or reviewing web services exported from tools like Nmap or Nessus. EyeWitness accepts input as a plain text list of URLs, an Nmap XML file, or a Nessus XML file, so it fits naturally into an existing testing workflow. Under the hood, EyeWitness uses a headless Chromium browser to render pages, which means it handles modern JavaScript-heavy sites rather than just fetching raw HTML. The tool runs multiple pages in parallel using a thread count it calculates automatically based on the number of CPU cores available. It can also add delays between requests and route traffic through a proxy. Installation uses an isolated Python virtual environment so it does not interfere with other software on the system. Setup scripts are included for Windows, Linux, and macOS. After setup, you activate the virtual environment and run the tool from the command line. EyeWitness is open source and maintained by RedSiege. It is intended for authorized security testing only.
A Python security tool that automatically screenshots a large list of websites in one pass, records HTTP headers, and flags pages with default credentials, used to quickly survey web services during penetration tests.
Mainly Python. The stack also includes Python, Chromium.
License terms not mentioned, intended for authorized security testing only per the maintainer.
Setup difficulty is rated moderate, with roughly 30min to a first successful run.
Mainly ops devops.
This repo across BitVibe Labs
Verify against the repo before relying on details.