Gowitness – Web Screenshot Utility using Chrome Headless

Gowitness is a website screenshot utility written in Golang, that uses Chrome Headless to generate screenshots of web interfaces using the command line. Both Linux and macOS is supported, with Windows support ‘partially working’.

Gowitness - Web Screenshot Utility using Chrome Headless
Gowitness – Web Screenshot Utility using Chrome Headless

Available Commands:

  • file – Screenshot URLs sourced from a file
  • help – Help about any command
  • nmap – Screenshot services from an Nmap XML file
  • report – Work with gowitness reports
  • scan – Scan a CIDR range and take screenshots along the way
  • single – Take a screenshot of a single URL
  • version – Prints the version of gowitness

This tool will be a good addition to run a remote vulnerability scan against a large network while most scanners such as nmap going to just provide penetration tester active service without more details about what is running on the web interface. using this tool user may automate the scan and get a screenshot for the remote web interface.

The remote web interface may have a login page or any other important information. once the screenshots collected and reviewed attacker may move to the next scenario such as brute-force attack.

The author listed several example for running the tool and the supported options to fully get what the penetration tester need. Inspiration for gowitness comes from Eyewitness.

You can read more and download this tool over here: https://github.com/sensepost/gowitness

Share
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments