SlideShare Explore Search You

EyeWitness – A Web
Application Info-Gathering
Tool
@ChrisTruncer

What’s it do?
!   Designed to screenshot web applications that’s been
provided by the user.
!   Text File
! Nmap XML Outpu...

EyeWitness

Why write it?
!   Inspiration came from Tim Tomes’s PeepingTom
!   Awesome tool
!   Fix Blank Images
!   Try a different s...

How to use it

How to use it

Create Web App “Signatures”
!   Create signature from web page source
!   Multiple Strings are OK
!   Find the default cre...

Future Enhancements
!   Group “similar” web apps together
!   Printers
!   Mirrored websites
!   Etc.
!   Looking for othe...

Current Signatures

Call to Action
!   Send me signatures!
!   E-Mail! – eyewitness@christophertruncer.com
!   Tweet Me!
!   Pull Request!
!  ...

Contact
! Github Repo
!   https://github.com/ChrisTruncer/EyeWitness
!   Project E-mail
! eyewitness@christophertruncer.co...

Upcoming SlideShare

Loading in …5

×

EyeWitness - A Web Application Triage Tool

EyeWitness is a web application triage tool. It's designed to take a file from the user containing web pages, gather server header information, take a screenshot of the web page, and then organize all the information in a report. Additionally, EyeWitness will warn you about invalid SSL certificates, and attempt to identify any default credentials that may apply to the website.

CTruncer

No Filter: The Inside Story of Instagram Sarah Frier

Bezonomics: How Amazon Is Changing Our Lives and What the World's Best Companies Are Learning from It Brian Dumaine

So You Want to Start a Podcast: Finding Your Voice, Telling Your Story, and Building a Community That Will Listen Kristen Meinzer

The Future Is Faster Than You Think: How Converging Technologies Are Transforming Business, Industries, and Our Lives Peter H Diamandis

SAM: One Robot, a Dozen Engineers, and the Race to Revolutionize the Way We Build Jonathan Waldman

Autonomy: The Quest to Build the Driverless Car—And How It Will Reshape Our World Lawrence D. Burns

Life After Google: The Fall of Big Data and the Rise of the Blockchain Economy George Gilder

Everybody Lies: Big Data, New Data, and What the Internet Can Tell Us About Who We Really Are Seth Stephens-Davidowitz

Live Work Work Work Die: A Journey into the Savage Heart of Silicon Valley Corey Pein

Future Presence: How Virtual Reality Is Changing Human Connection, Intimacy, and the Limits of Ordinary Life Peter Rubin

From Gutenberg to Google: The History of Our Future Tom Wheeler

Talk to Me: How Voice Computing Will Transform the Way We Live, Work, and Think James Vlahos

How to Lie with Maps, Third Edition Mark Monmonier

On War: With linked Table of Contents Carl von Clausewitz

Wizard:: The Life and Times of Nikolas Tesla Marc Seifer

Island of the Lost: An Extraordinary Story of Survival at the Edge of the World JOAN DRUETT

Spooked: The Trump Dossier, Black Cube, and the Rise of Private Spies Barry Meier

Second Nature: Scenes from a World Remade Nathaniel Rich

A World Without Work: Technology, Automation, and How We Should Respond Daniel Susskind

Uncanny Valley: A Memoir Anna Wiener

Liftoff: Elon Musk and the Desperate Early Days That Launched SpaceX Eric Berger

If Then: How the Simulmatics Corporation Invented the Future Jill Lepore

Bitcoin Billionaires: A True Story of Genius, Betrayal, and Redemption Ben Mezrich

The Players Ball: A Genius, a Con Man, and the Secret History of the Internet's Rise David Kushner

Blockchain: The Next Everything Stephen P. Williams

Lean Out: The Truth About Women, Power, and the Workplace Marissa Orr

Digital Renaissance: What Data and Economics Tell Us about the Future of Popular Culture Joel Waldfogel

Ten Arguments for Deleting Your Social Media Accounts Right Now Jaron Lanier

User Friendly: How the Hidden Rules of Design Are Changing the Way We Live, Work, and Play Cliff Kuang

Chaos Monkeys Revised Edition: Obscene Fortune and Random Failure in Silicon Valley Antonio Garcia Martinez

Lands of Lost Borders: A Journey of the Silk Road Kate Harris

Pale Blue Dot: A Vision of the Human Future in Space Carl Sagan

Be the first to comment

Aryan G , Sr. Penetration Tester at The Walt Disney Company
6 years ago

Views

Total views

4,351

On SlideShare

0

From Embeds

0

Number of Embeds

1,665

Actions

Shares

0

Downloads

42

Comments

0

Likes

1

EyeWitness - A Web Application Triage Tool

1. EyeWitness – A Web Application Info-Gathering Tool @ChrisTruncer
2. What’s it do? !   Designed to screenshot web applications that’s been provided by the user. !   Text File ! Nmap XML Output !   .Nessus !   Gather server header information !   Identify default credentials !   Generates a report
3. EyeWitness
4. Why write it? !   Inspiration came from Tim Tomes’s PeepingTom !   Awesome tool !   Fix Blank Images !   Try a different screenshot library ! Ghost.py !   Stop wasting time looking up default creds !   A thought exercise
5. How to use it
6. How to use it
7. Create Web App “Signatures” !   Create signature from web page source !   Multiple Strings are OK !   Find the default creds !   Format all the things! ! Signature|creds ! Signature;A Long Signature;Signature|creds !   All signatures must be present or no match
8. Future Enhancements !   Group “similar” web apps together !   Printers !   Mirrored websites !   Etc. !   Looking for other suggestions… J !   More default creds…
9. Current Signatures
10. Call to Action !   Send me signatures! !   E-Mail! – eyewitness@christophertruncer.com !   Tweet Me! !   Pull Request! !   Find Bugs!
11. Contact ! Github Repo !   https://github.com/ChrisTruncer/EyeWitness !   Project E-mail ! eyewitness@christophertruncer.com !   @ChrisTruncer