EyeWitness – Intelligence Gathering Tool

EyeWitness is a tool designed to take screenshots of websites, RDP services, and open VNC servers, provide some server header info, and identify default credentials if possible.

The tool will auto detect the file you provide with -f flag as either being a text file with URLs on each new line, nmap xml output, or nessus xml output. The –timeout flag is completely optional, and lets you provide the max time to wait when trying to render and screenshot a web page.

EyeWitness

Currently the supported protocols are:

  • HTTP Screenshot using Selenium
  • Screenshot RDP Services
  • Screenshot Authless VNC services
  • Screenshot all supported protocols, using Selenium for HTTP

This tool will help to automate the penetration testing against a large number of network subnets/URLs and check the target with default credentials and get you captures for the open URL that may have a login page.

You can read more and download this tool over here: https://github.com/FortyNorthSecurity/EyeWitness

Share