Go Go Go
gowitness – a new tool for an old idea
On a recent assessment I had an incredibly large IP space that was in scope. Almost an entire /8 to be precise. While it is possible to scan ranges like that with things like masscan, nmap and the likes, I was interested in web interfaces for this particular client as I quickly came to realise that they had a large amount of third party web services exposed with default login credentials left unchanged. Nessus would tell me that “there is a web interface running there”, but I wanted more in terms of what is running.
Page 1 of 1