GoWitness
A commandline web screenshot and information gathering tool by @leonjza.
Installation
go get -u github.com/sensepost/gowitness
Usage
gowitness [command]
Flags
Available Commands:
completion Generate the autocompletion script for the specified shell
file Screenshot URLs sourced from a file or stdin
help Help about any command
merge Merge gowitness sqlite databases
nessus Screenshot services from a Nessus XML file
nmap Screenshot services from an Nmap XML file
report Work with gowitness reports
scan Scan a CIDR range and take screenshots along the way
server Starts a webserver that serves the report interface, api and screenshot tool
single Take a screenshot of a single URL
version Prints the version of gowitness
Flags:
--chrome-path string path to chrome executable to use
-D, --db-path string destination for the gowitness database (default "gowitness.sqlite3")
--debug enable debug logging
--debug-db enable debug logging for all database operations
--delay int delay in seconds between navigation and screenshot
--disable-db disable all database operations
--disable-logging disable all logging
-F, --fullpage take fullpage screenshots
--header strings Additional HTTP header to set. Supports multiple --header flags
-h, --help help for gowitness
--pdf save screenshots as pdf
-p, --proxy string http/socks5 proxy to use. Use format proto://address:port
-X, --resolution-x int screenshot resolution x (default 1440)
-Y, --resolution-y int screenshot resolution y (default 900)
-P, --screenshot-path string store path for screenshots (use . for pwd) (default "screenshots")
--timeout int preflight check timeout (default 10)
--user-agent string user agent string to use (default "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36")
Use "gowitness [command] --help" for more information about a command.
Examples
Single page screenshot
$ gowitness single https://www.google.com/
21 Jun 2022 20:59:59 INF preflight result statuscode=200 title=Google url=https://www.google.com/
Screenshot nmap XML output
$ gowitness nmap --file out.xml
21 Jun 2022 21:14:49 ERR preflight request failed error="Get \"http://172.217.169.78:443\": EOF"
21 Jun 2022 21:14:49 ERR preflight request failed error="Get \"https://172.217.169.78:80\": http: server gave HTTP response to HTTPS client"
21 Jun 2022 21:14:49 ERR preflight request failed error="Get \"https://157.240.221.35:80\": http: server gave HTTP response to HTTPS client"
21 Jun 2022 21:14:49 ERR preflight request failed error="Get \"http://157.240.221.35:443\": net/http: HTTP/1.x transport connection broken: malformed HTTP response \"\\x15\\x03\\x03\\x00\\x02\\x022\""
21 Jun 2022 21:14:49 ERR preflight request failed error="Get \"https://www.facebook.com:80/\": http: server gave HTTP response to HTTPS client"
21 Jun 2022 21:14:50 INF preflight result statuscode=200 title=Google url=http://172.217.169.78:80
21 Jun 2022 21:14:50 INF preflight result statuscode=200 title=Google url=https://172.217.169.78:443
21 Jun 2022 21:14:50 INF preflight result statuscode=200 title="Facebook – log in or sign up" url=https://157.240.221.35:443
21 Jun 2022 21:14:54 ERR preflight request failed error="Get \"https://172.67.180.148:80\": http: server gave HTTP response to HTTPS client"
21 Jun 2022 21:14:54 WRN preflight result statuscode=400 title="400 The plain HTTP request was sent to HTTPS port" url=http://172.67.180.148:443
21 Jun 2022 21:14:55 ERR preflight request failed error="Get \"https://172.67.180.148:443\": remote error: tls: handshake failure"
21 Jun 2022 21:14:59 ERR preflight request failed error="Get \"http://172.67.180.148:80\": context deadline exceeded"
21 Jun 2022 21:14:59 INF processing complete
View results in web browser
$ gowitness server
21 Jun 2022 21:19:59 INF db path path=gowitness.sqlite3
21 Jun 2022 21:19:59 INF screenshot path path=screenshots
21 Jun 2022 21:19:59 INF server listening address=localhost:7171
