Web footprints and enumeration with EyeWitness

EyeWitness is a tool that allows a penetration tester to capture screenshots of a website without leaving the terminal; the tool does all of the work in the background. Imagine having to visually profile multiple websites, open Virtual Network Computing (VNC) servers, and use Remote Desktop Protocol (RDP). This can be a time-consuming task. EyeWitness takes the screenshots, stores them offline, and provides an HTML report:

  1. To begin, you'll need to download EyeWitness from its GitHub repository using git clone https://github.com/FortyNorthSecurity/EyeWitness.git.
  2. Once the download has completed, access the root/EyeWitness/setup directory and run the setup.sh script using the following sequence of commands:

EyeWitness setup screen
  3. Once the setup process is complete, use the cd .. command to go one directory up to the root/EyeWitness directory. To screenshot a single website, use the following command:
./EyeWitness.py --web --single example.com

You can try this tool on one of the web applications on Metasploitable or OWASP BWA virtual machines.

EyeWitness allows you to specify various protocols using options such as --web, --rdp, --vnc, and --all-protocols.
  4. Once the task completes, EyeWitness will indicate whether it was successful in capturing screenshots of the target(s) and provide you with the location of the offline report, as seen in the following screenshot:

EyeWitness reporting wizard
  5. Upon opening the HTML report, the left-hand column contains information about the web request, while the right-hand column contains the screenshots:

Report from EyeWitness

This tool is very handy when profiling multiple services and websites at once.
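
When several lab hosts are profiled in one pass, the single-target command from step 3 can be generated per host. The following is an added example, not from the original text or the EyeWitness project: a POSIX shell filter that prints that command only for targets on an allowlist. The SCOPE addresses and the function names are assumptions made up for illustration.

```shell
#!/bin/sh
# Added example (not from the book): turns a target list into the
# single-target EyeWitness command shown above, but only for in-scope
# hosts. It prints the commands; it does not run EyeWitness itself.

# Assumption: constructed addresses standing in for your own lab VMs
# (e.g. Metasploitable, OWASP BWA). Replace with your lab's values.
SCOPE="192.168.56.101 192.168.56.102"

# Succeeds only for a plain host name or IP that is listed in SCOPE.
in_scope() {
    case "$1" in
        # Reject empty entries, anything starting with "-" (it would be
        # read as an option) and any character outside [A-Za-z0-9.-].
        ''|-*|*[!A-Za-z0-9.-]*) return 1 ;;
    esac
    for scope_entry in $SCOPE; do
        [ "$1" = "$scope_entry" ] && return 0
    done
    return 1
}

# Prints the command for one target; the flags are the ones on this page.
build_cmd() {
    printf './EyeWitness.py --web --single %s\n' "$1"
}

# Reads targets from stdin, one per line. In-scope targets produce a
# command on stdout; everything else is reported on stderr.
screenshot_targets() {
    while IFS= read -r target_line; do
        [ -n "$target_line" ] || continue
        if in_scope "$target_line"; then
            build_cmd "$target_line"
        else
            printf 'skipped (not in scope): %s\n' "$target_line" >&2
        fi
    done
}

# Constructed sample list: two lab hosts, one out-of-scope name and one
# entry that looks like an option.
printf '%s\n' 192.168.56.101 example.com --all-protocols 192.168.56.102 |
    screenshot_targets
```

Run the printed commands from the EyeWitness directory once the skipped entries on stderr have been reviewed.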

Further information on EyeWitness can be found at https://tools.kali.org/information-gathering/eyewitness.

Now that you have completed this section, you are able to perform web enumeration using the EyeWitness tool.
