information gathering tool

Blackwidow – Web application Scanner

Blackwidow
Written by Mubassir patel

BlackWidow is a python based web application spider to gather subdomains, URL’s, dynamic parameters, email addresses and phone numbers from a target website. This project also includes Inject-X fuzzer to scan dynamic URL’s for common OWASP vulnerabilities.

Blackwidow – A Python Based Web application Scanner

BlackWidow is a python based web application spider to gather subdomains, URL’s, dynamic parameters, email addresses and phone numbers from a target website. This project also includes Inject-X fuzzer to scan dynamic URL’s for common OWASP vulnerabilities.

FEATURES:

Automatically Gather all

  •  URL’s from a target website
  •  dynamic URL’s and parameters from a target website
  •  subdomains from a target website
  •  phone numbers from a target website
  •  email addresses from a target website
  •  coll form URL’s from a target website
  •  scan/fuzz for common OWASP TOP vulnerabilities
  •  saves all data into sorted text files

LINUX INSTALL:

  cp blackwidow /usr/bin/blackwidow 
  cp injectx.py /usr/bin/injectx.py
  pip install -r requirements.txt

DOCKER:

 git clone https://github.com/1N3/BlackWidow.git
 cd BlackWidow
 docker build -t BlackWidow
 docker run -it BlackWidow 

USAGE:

blackwidow -u https://target.com - crawl target.com with 3 levels of depth.
blackwidow -d target.com -l 5 - crawl the domain: target.com with 5 levels of depth.
blackwidow -d target.com -l 5 -c 'test=test' - crawl the domain: target.com with 5 levels of depth using the cookie 'test=test'
blackwidow -d target.com -l 5 -s y - crawl the domain: target.com with 5 levels of depth and fuzz all unique parameters for OWASP vulnerabilities.
injectx.py https://test.com/uers.php?user=1&admin=true - Fuzz all GET parameters for common OWASP vulnerabilities

About the author

Mubassir patel

Mubassir is a founder and developer of this site. He is a computer science engineer. He has a very deep interest in ethical hacking, penetration testing, website development and including all technology topic.

Leave a Comment