Successfully reported this slideshow.
Your SlideShare is downloading. ×

EyeWitness - A Web Application Triage Tool

Mar. 16, 2014
2 likes 4,660 views
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Upcoming SlideShare
Blogging With Jekyll | Blogging Like a Hacker
Blogging With Jekyll | Blogging Like a Hacker
Loading in …3
×

Check these out next

The Veil-Framework
VeilFramework
An EyeWitness View into your Network
CTruncer
Bringing Down the House - How One Python Script Ruled Over AntiVirus
CTruncer
Pen Testing, Red Teaming, and More
CTruncer
AV Evasion with the Veil Framework
VeilFramework
The State of the Veil Framework
VeilFramework
Higher Level Malware
CTruncer
Hacking - Breaking Into It
CTruncer
1 of 11 Ad

EyeWitness - A Web Application Triage Tool

Mar. 16, 2014
2 likes 4,660 views

Download to read offline

Technology

EyeWitness is a web application triage tool. It's designed to take a file from the user containing web pages, gather server header information, take a screenshot of the web page, and then organize all the information in a report. Additionally, EyeWitness will warn you about invalid SSL certificates, and attempt to identify any default credentials that may apply to the website.

EyeWitness is a web application triage tool. It's designed to take a file from the user containing web pages, gather server header information, take a screenshot of the web page, and then organize all the information in a report. Additionally, EyeWitness will warn you about invalid SSL certificates, and attempt to identify any default credentials that may apply to the website.

Technology
Advertisement

Recommended

Blogging With Jekyll | Blogging Like a Hacker
Lakshman Basnet
227 views
26 slides
Veil-Ordnance
VeilFramework
4.3k views
12 slides
Egress-Assess and Owning Data Exfiltration
CTruncer
3.4k views
57 slides
What Goes In Must Come Out: Egress-Assess and Data Exfiltration
CTruncer
4.5k views
55 slides
Pentester++
CTruncer
3.5k views
51 slides
A Battle Against the Industry - Beating Antivirus for Meterpreter and More
CTruncer
3.3k views
67 slides
Ever Present Persistence - Established Footholds Seen in the Wild
CTruncer
6.9k views
101 slides
The Art of AV Evasion - Or Lack Thereof
CTruncer
4.8k views
70 slides
Advertisement

More Related Content

Viewers also liked (10)

The Veil-Framework
VeilFramework
12.1k views
An EyeWitness View into your Network
CTruncer
3.3k views
Bringing Down the House - How One Python Script Ruled Over AntiVirus
CTruncer
3.4k views
Pen Testing, Red Teaming, and More
CTruncer
3.9k views
AV Evasion with the Veil Framework
VeilFramework
18.6k views
The State of the Veil Framework
VeilFramework
4.8k views
Higher Level Malware
CTruncer
4.7k views
Hacking - Breaking Into It
CTruncer
2.7k views
Passive Intelligence Gathering and Analytics - It's All Just Metadata!
CTruncer
6.3k views
AntiVirus Evasion Reconstructed - Veil 3.0
CTruncer
8.9k views
The Veil-Framework
VeilFramework
12.1k views
42 slides
An EyeWitness View into your Network
CTruncer
3.3k views
53 slides
Bringing Down the House - How One Python Script Ruled Over AntiVirus
CTruncer
3.4k views
54 slides
Pen Testing, Red Teaming, and More
CTruncer
3.9k views
36 slides
AV Evasion with the Veil Framework
VeilFramework
18.6k views
40 slides
The State of the Veil Framework
VeilFramework
4.8k views
49 slides

Similar to EyeWitness - A Web Application Triage Tool (20)

Hooray Icon Fonts workshop
jameswillweb
4.1k views
Internet of Things (2015)
Patrice Kerremans
684 views
Introduction to Artificial Intelligence on AWS
Amazon Web Services
1.1k views
Mobile Mashups
Cristobal Viedma
4.3k views
Personal Work
Qureshi Tehmina
169 views
Native Script Atlanta Code Camp
Baskar rao Dsn
60 views
Artificial Intelligence on AWS
Amazon Web Services
1.5k views
Introduction to Artificial Intelligence on AWS
Amazon Web Services
986 views
Building chat bots using ai platforms (wit.ai or api.ai) in nodejs
Entrepreneur / Startup
1.9k views
Introduction to Artificial Intelligence on AWS
Amazon Web Services
596 views
Notes (2012-06-08)
Chris Pitt
223 views
Gates Toorcon X New School Information Gathering
Chris Gates
2.6k views
Native script overview
Baskar rao Dsn
134 views
Architectng UX
David Chou
1.4k views
Amazon AI (October 2017)
Julien SIMON
1.3k views
Building your own chat bot with Amazon Lex - Hebrew Webinar
Boaz Ziniman
361 views
Build a mobile chatbot with Xamarin
Luis Beltran
239 views
Frog Trade's Presentation
FrogEducation
407 views
Free Tech Tools X Posed Pe Jun2010 Present
Advertising Specialties Alliance
639 views
Building Chatbots with Amazon Lex: Collision2018
Amazon Web Services
916 views
Hooray Icon Fonts workshop
jameswillweb
4.1k views
73 slides
Internet of Things (2015)
Patrice Kerremans
684 views
121 slides
Introduction to Artificial Intelligence on AWS
Amazon Web Services
1.1k views
34 slides
Mobile Mashups
Cristobal Viedma
4.3k views
72 slides
Personal Work
Qureshi Tehmina
169 views
13 slides
Native Script Atlanta Code Camp
Baskar rao Dsn
60 views
23 slides
Advertisement

Recently uploaded (20)

usabilityofwebapplication.pdf
YuriTamaki
3 views
The Industrialist: Trends & Innovations - March 2023
accenture
9 views
XFS.ppt
DmitryIg
1 view
Lecture 6.pptx
MohamedNowfeek1
1 view
ChatGPT ChatBot
LinconMondal
0 views
symposium_MEC[2].. 2.pptx
gokulprasanna4
0 views
Choosing the Board’s Duty of Foresight
OnBoard
48 views
Why should you invest in an ERP System
AdamMacdonald32
5 views
ch01.pdf
surahyo2
0 views
Crypto Developer Locations 2023 by Electric Capital
MariaShen2
447 views
DL Assignment __ (khem).pdf
KrishtinaShrestha1
4 views
Pengantar Game - Chapter 2 - Game Genre.pptx
ssusera96b6f
3 views
SESSION 01-ALPHABET-NUMBERS-DEMOSRATIVE.pdf
SamiraQuispe
3 views
Product Enablement Principles
UXDXConf
32 views
ch02.pdf
surahyo2
0 views
Keynote at the 2023 Annual Meeting of the Society for the Neuroscience of Cre...
Rogelio E. Cardona-Rivera
0 views
Nereus Pitch Deck
Masaki Nakada
6 views
how to develop healthcare app.pdf
SophiaJasper
6 views
UBS Tech Disrupt_March 2023.pdf
gerardgrech
6 views
The Importance of Accessibility in Software Design.pdf
Bahaa Al Zubaidi
0 views
usabilityofwebapplication.pdf
YuriTamaki
3 views
13 slides
The Industrialist: Trends & Innovations - March 2023
accenture
9 views
12 slides
XFS.ppt
DmitryIg
1 view
41 slides
Lecture 6.pptx
MohamedNowfeek1
1 view
9 slides
ChatGPT ChatBot
LinconMondal
0 views
16 slides
symposium_MEC[2].. 2.pptx
gokulprasanna4
0 views
12 slides

EyeWitness - A Web Application Triage Tool

  1. 1. EyeWitness – A Web Application Info-Gathering Tool @ChrisTruncer
  2. 2. What’s it do? !   Designed to screenshot web applications that’s been provided by the user. !   Text File ! Nmap XML Output !   .Nessus !   Gather server header information !   Identify default credentials !   Generates a report
  3. 3. EyeWitness
  4. 4. Why write it? !   Inspiration came from Tim Tomes’s PeepingTom !   Awesome tool !   Fix Blank Images !   Try a different screenshot library ! Ghost.py !   Stop wasting time looking up default creds !   A thought exercise
  5. 5. How to use it
  6. 6. How to use it
  7. 7. Create Web App “Signatures” !   Create signature from web page source !   Multiple Strings are OK !   Find the default creds !   Format all the things! ! Signature|creds ! Signature;A Long Signature;Signature|creds !   All signatures must be present or no match
  8. 8. Future Enhancements !   Group “similar” web apps together !   Printers !   Mirrored websites !   Etc. !   Looking for other suggestions… J !   More default creds…
  9. 9. Current Signatures
  10. 10. Call to Action !   Send me signatures! !   E-Mail! – eyewitness@christophertruncer.com !   Tweet Me! !   Pull Request! !   Find Bugs!
  11. 11. Contact ! Github Repo !   https://github.com/ChrisTruncer/EyeWitness !   Project E-mail ! eyewitness@christophertruncer.com !   @ChrisTruncer

×