Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
EyeWitness – A Web Application Info-Gathering Tool @ChrisTruncer
What’s it do? !   Designed to screenshot web applications that’s been provided by the user. !   Text File ! Nmap XML Outpu...
EyeWitness
Why write it? !   Inspiration came from Tim Tomes’s PeepingTom !   Awesome tool !   Fix Blank Images !   Try a different s...
How to use it
How to use it
Create Web App “Signatures” !   Create signature from web page source !   Multiple Strings are OK !   Find the default cre...
Future Enhancements !   Group “similar” web apps together !   Printers !   Mirrored websites !   Etc. !   Looking for othe...
Current Signatures
Call to Action !   Send me signatures! !   E-Mail! – eyewitness@christophertruncer.com !   Tweet Me! !   Pull Request! !  ...
Contact ! Github Repo !   https://github.com/ChrisTruncer/EyeWitness !   Project E-mail ! eyewitness@christophertruncer.co...
Upcoming SlideShare
Loading in …5
×
Technology
Mar. 16, 2014
4,418 views

1

Share

Download to read offline

EyeWitness - A Web Application Triage Tool

Download to read offline

Technology
Mar. 16, 2014
4,418 views

EyeWitness is a web application triage tool. It's designed to take a file from the user containing web pages, gather server header information, take a screenshot of the web page, and then organize all the information in a report. Additionally, EyeWitness will warn you about invalid SSL certificates, and attempt to identify any default credentials that may apply to the website.

Recommended

Related Books

Free with a 30 day trial from Scribd

See all
So You Want to Start a Podcast: Finding Your Voice, Telling Your Story, and Building a Community That Will Listen Kristen Meinzer
(4/5)
Free
No Filter: The Inside Story of Instagram Sarah Frier
(5/5)
Free
Bezonomics: How Amazon Is Changing Our Lives and What the World's Best Companies Are Learning from It Brian Dumaine
(4.5/5)
Free
Live Work Work Work Die: A Journey into the Savage Heart of Silicon Valley Corey Pein
(4/5)
Free
Talk to Me: How Voice Computing Will Transform the Way We Live, Work, and Think James Vlahos
(3/5)
Free
SAM: One Robot, a Dozen Engineers, and the Race to Revolutionize the Way We Build Jonathan Waldman
(5/5)
Free
From Gutenberg to Google: The History of Our Future Tom Wheeler
(2/5)
Free
The Future Is Faster Than You Think: How Converging Technologies Are Transforming Business, Industries, and Our Lives Peter H. Diamandis
(5/5)
Free
Autonomy: The Quest to Build the Driverless Car—And How It Will Reshape Our World Lawrence D. Burns
(5/5)
Free
Life After Google: The Fall of Big Data and the Rise of the Blockchain Economy George Gilder
(4/5)
Free
Future Presence: How Virtual Reality Is Changing Human Connection, Intimacy, and the Limits of Ordinary Life Peter Rubin
(4/5)
Free
Everybody Lies: Big Data, New Data, and What the Internet Can Tell Us About Who We Really Are Seth Stephens-Davidowitz
(4/5)
Free
Uncommon Carriers John McPhee
(4/5)
Free
The Victorian Internet: The Remarkable Story of the Telegraph and the Nineteenth Century's On-line Pioneers Tom Standage
(3.5/5)
Free
Understanding Media: The Extensions of Man Marshall McLuhan
(4/5)
Free
How to Drive: Real World Instruction and Advice from Hollywood's Top Driver Ben Collins
(3.5/5)
Free

Related Audiobooks

Free with a 30 day trial from Scribd

See all
If Then: How the Simulmatics Corporation Invented the Future Jill Lepore
(4.5/5)
Free
Liftoff: Elon Musk and the Desperate Early Days That Launched SpaceX Eric Berger
(5/5)
Free
The Science of Time Travel: The Secrets Behind Time Machines, Time Loops, Alternate Realities, and More! Elizabeth Howell
(2.5/5)
Free
Einstein's Fridge: How the Difference Between Hot and Cold Explains the Universe Paul Sen
(5/5)
Free
Second Nature: Scenes from a World Remade Nathaniel Rich
(5/5)
Free
Spooked: The Trump Dossier, Black Cube, and the Rise of Private Spies Barry Meier
(3/5)
Free
Driven: The Race to Create the Autonomous Car Alex Davies
(4.5/5)
Free
Test Gods: Virgin Galactic and the Making of a Modern Astronaut Nicholas Schmidle
(4.5/5)
Free
Lean Out: The Truth About Women, Power, and the Workplace Marissa Orr
(4/5)
Free
Blockchain: The Next Everything Stephen P. Williams
(4/5)
Free
Uncanny Valley: A Memoir Anna Wiener
(4/5)
Free
A World Without Work: Technology, Automation, and How We Should Respond Daniel Susskind
(4.5/5)
Free
User Friendly: How the Hidden Rules of Design Are Changing the Way We Live, Work, and Play Cliff Kuang
(4/5)
Free
Digital Renaissance: What Data and Economics Tell Us about the Future of Popular Culture Joel Waldfogel
(3.5/5)
Free
The Players Ball: A Genius, a Con Man, and the Secret History of the Internet's Rise David Kushner
(4.5/5)
Free
Bitcoin Billionaires: A True Story of Genius, Betrayal, and Redemption Ben Mezrich
(4.5/5)
Free

EyeWitness - A Web Application Triage Tool

  1. 1. EyeWitness – A Web Application Info-Gathering Tool @ChrisTruncer
  2. 2. What’s it do? !   Designed to screenshot web applications that’s been provided by the user. !   Text File ! Nmap XML Output !   .Nessus !   Gather server header information !   Identify default credentials !   Generates a report
  3. 3. EyeWitness
  4. 4. Why write it? !   Inspiration came from Tim Tomes’s PeepingTom !   Awesome tool !   Fix Blank Images !   Try a different screenshot library ! Ghost.py !   Stop wasting time looking up default creds !   A thought exercise
  5. 5. How to use it
  6. 6. How to use it
  7. 7. Create Web App “Signatures” !   Create signature from web page source !   Multiple Strings are OK !   Find the default creds !   Format all the things! ! Signature|creds ! Signature;A Long Signature;Signature|creds !   All signatures must be present or no match
  8. 8. Future Enhancements !   Group “similar” web apps together !   Printers !   Mirrored websites !   Etc. !   Looking for other suggestions… J !   More default creds…
  9. 9. Current Signatures
  10. 10. Call to Action !   Send me signatures! !   E-Mail! – eyewitness@christophertruncer.com !   Tweet Me! !   Pull Request! !   Find Bugs!
  11. 11. Contact ! Github Repo !   https://github.com/ChrisTruncer/EyeWitness !   Project E-mail ! eyewitness@christophertruncer.com !   @ChrisTruncer

  • aryanguenthner

    Oct. 16, 2014

EyeWitness is a web application triage tool. It's designed to take a file from the user containing web pages, gather server header information, take a screenshot of the web page, and then organize all the information in a report. Additionally, EyeWitness will warn you about invalid SSL certificates, and attempt to identify any default credentials that may apply to the website.

Views

Total views

4,418

On Slideshare

0

From embeds

0

Number of embeds

1,665

Actions

Downloads

42

Shares

0

Comments

0

Likes

1

×