Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding support for source/origin wappalyzer #294

Merged
merged 3 commits into from
Feb 14, 2023
Merged

Adding support for source/origin wappalyzer #294

merged 3 commits into from
Feb 14, 2023

Conversation

Mzack9999
Copy link
Member

@Mzack9999 Mzack9999 commented Feb 1, 2023
edited 

$ katana -json -u http://hackerone.com

   __        __
  / /_____ _/ /____ ____  ___ _
 /  '_/ _  / __/ _  / _ \/ _  /
/_/\_\\_,_/\__/\_,_/_//_/\_,_/ v0.0.3

                projectdiscovery.io

{"timestamp":"2023-02-01T14:36:55.8177568+01:00","endpoint":"https://hackerone.com/","source":"http://hackerone.com","tag":"header","attribute":"location","source-technologies":["Cloudflare"]}
{"timestamp":"2023-02-01T14:36:56.1390534+01:00","endpoint":"https://www.hackerone.com/","source":"https://hackerone.com/","tag":"header","attribute":"location","source-technologies":["Cloudflare","HSTS","Amazon S3","Amazon Web Services"]}
...

Note: the technologies are relative to the parsed response that generated future navigation requests (promises), just like other attributes (tag, attribute)

@Mzack9999 Mzack9999 added the Type: Enhancement Most issues will probably ask for additions or changes. label Feb 1, 2023
@Mzack9999 Mzack9999 self-assigned this Feb 1, 2023
@Mzack9999 Mzack9999 linked an issue Feb 1, 2023 that may be closed by this pull request
wappalyzergo integration #152
Closed
ehsandeep
ehsandeep requested changes Feb 2, 2023
View reviewed changes
Copy link
Member

@ehsandeep ehsandeep left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Mzack9999 apologies if it was unclear in the issue, but the idea is to discover technology information of the endpoint (when available) instead of the source.

I mentioned when available as we might not have access to response data for every newly discovered endpoint, so populating tech info of crawled endpoint would be sufficient.

For example:

{"timestamp":"2023-02-01T14:36:55.8177568+01:00","endpoint":"https://www.hackerone.com:443/sites/default/files/styles/logo_band_white/public/GM2X_0.png.webp?itok=_mTFOxRw","source":"http://hackerone.com","tag":"header","attribute":"location","endpoint-technologies": ["Cloudflare","Fastly","HSTS","MariaDB","Nginx","PHP","Pantheon","Varnish"]}
{"timestamp":"2023-02-01T14:36:56.1390534+01:00","endpoint":"https://www.hackerone.com:443/knowledge-center/what-vulnerability-assessment-benefits-tools-and-process","source":"https://hackerone.com/","tag":"header","attribute":"location","source-technologies":["Amazon S3","Amazon Web Services","Cloudflare","Fastly","Google Tag Manager","HSTS","Lever","MariaDB","Nginx","PHP","Pantheon","React","Varnish"]}

@Mzack9999
Copy link
Member Author

Mzack9999 commented Feb 6, 2023
edited

@ehsandeep this is impossible by design, katana implementations spits out discovered and not yet visited endpoints. I'm tracking the requested change (which will unlock issues such as #248) at #303

@Mzack9999 Mzack9999 mentioned this pull request Feb 6, 2023
Closed
@ehsandeep ehsandeep marked this pull request as draft February 13, 2023 12:17
@ehsandeep ehsandeep marked this pull request as ready for review February 14, 2023 13:29
ehsandeep
ehsandeep approved these changes Feb 14, 2023
View reviewed changes
Copy link
Member

@ehsandeep ehsandeep left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This will be reworked later as detailed here - #303

@ehsandeep ehsandeep merged commit c108d3c into dev Feb 14, 2023
@ehsandeep ehsandeep deleted the issue-152-wappalyzer branch February 14, 2023 13:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ehsandeep ehsandeep ehsandeep approved these changes

Assignees

@Mzack9999 Mzack9999

Labels
Type: Enhancement Most issues will probably ask for additions or changes.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

wappalyzergo integration
2 participants
@Mzack9999 @ehsandeep