BlackWidow – OSINT Web Application Scanner

BlackWidow is a python based web application spider to gather subdomains, URL’s, dynamic parameters, email addresses and phone numbers from a target website. This project also includes Inject-X fuzzer to scan dynamic URL’s for common OWASP vulnerabilities.

BlackWidow - OSINT Web Application Scanner
BlackWidow – OSINT Web Application Scanner

The supported features with this tool are:

  • Automatically collect all URL’s from a target website
  • Automatically collect all dynamic URL’s and parameters from a target website
  • Automatically collect all subdomains from a target website
  • Automatically collect all phone numbers from a target website
  • Automatically collect all email addresses from a target website
  • Automatically collect all form URL’s from a target website
  • Automatically scan/fuzz for common OWASP TOP vulnerabilities
  • Automatically saves all data into sorted text files

Collecting as much as possible public information during penetration testing may allow to find important information such as subdomains , emails or phone number that can be used to run phishing attack to trick users.

You can read more and download this tool over here: https://github.com/1N3/BlackWidow

Share