Skip to content

dxa4481/Snapper

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Snapper

A security tool for grabbing screenshots of many web hosts. This tool is useful after DNS enumeration or after enumerating web hosts via nmap or nessus.

A sample output can be seen here: https://security.love/Snapper/output

How to install

  • Clone snapper
git clone https://github.com/dxa4481/snapper
  • Install python dependencies
pip install -r requirements.txt
npm -g install phantomjs

How to use

For a simple demo try:

python snapper.py -l "google.com, gmail.google.com, ads.google.com" -c 3 -v

This kicks off 3 processes, each of which fetch screenshots of the http and https versions of the hosts in question. The output is served up via localhost:8000 and can be seen below output results

You can also read from a file, these results where generated from a fierce enumeration:

python snapper.py -f googleExample.txt -c 10 -v

You can view the results here. Note in addition to the server, the static files are available in your current working directory as "output"

More options

python snapper.py --help
Options:
  -h, --help            show this help message and exit
  -f FILE, --file=FILE  Souce from input file
  -l LIST, --list=LIST  Source from commandline list
  -u USER_AGENT, --user-agent=USER_AGENT
                        The user agent used for requests
  -c NUMWORKERS, --concurrency=NUMWORKERS
                        Number of cuncurrent processes
  -t TIMEOUT, --timeout=TIMEOUT
                        Number of seconds to try to resolve
  -p PORT, --port=PORT  Port to run server on
  -v                    Display console output for fetching each host