-
-
Notifications
You must be signed in to change notification settings - Fork 1
Home
Webhawk - Web Recon Framework
A web recon framework (webhawk) is written in Python3 by Gaurav Raj [TheHackersbrain]. Any help, suggestions, or contribution will be appriciated.
-
Clone the GitHub repo
git clone https://github.com/thehackersbrain/webhawk.git
-
Change the directory and install all the requirements
cd webhawk && pip3 install -r requirements.txt
-
Run the
main.py
scriptpython3 main.py -h
The recommended way to do so is first to create a Python Virtual Environment and then install the tool.
-
here's oneliner for that
python3 -m venv env && source env/bin/activate && pip3 install webhawk
or
pip3 install webhawk
-
webhawk now should be installed in your virtual Environment
webhawk -h
Here are the all uses and features of the tool. We are working hard and constantly improving the tool.
If you have any suggestions, feature requests or any errors or issues don't hesitate to create a pull request or contact us the way you like. All Social media handles are provided here.
-
Basic Help and uses
┌──(elliot@archlinux)-[~]-[192.168.225.72]-[] └─$ webhawk -h usage: webhawk [-h] -d DOMAIN [-w] [-l] [-g] [-n] [-s] [-p] [-b] [--config] [-v] WebHawk - Web Recon Framework optional arguments: -h, --help show this help message and exit -d DOMAIN, --domain DOMAIN Specify Target Domain -w, --whois Extract Whois Information for The Target Domain. -l, --lookup DNS Lookup for the Target Domain -g, --geoip GEO-IP Lookup on the Target's IP -n, --subnet Subnet Calculator for Target Domain's IP Address -s, --subdomains Find Available Subdomains for the Target's Domain -p, --ports Perform Nmap Scan on Target Domain's IP Address -b, --builtwith Fire up a Builtwith Recon against the target domain --config Configure Webhawk for API Uses -v, --version Print version of the Tool
-
Basic Scan which is the default one.
-d
flag is a required flag which is for specifying a domain. eg:target.com
without specifying any protocols.┌──(elliot@archlinux)-[~]-[192.168.225.72]-[] └─$ webhawk -d 'gauravraj.tech' ░█████ ███ █████ █████ █████ █████ █████ ░░███ ░███ ░░███ ░░███ ░░███ ░░███ ░░███ ░███ ░███ ░███ ██████ ░███████ ░███ ░███ ██████ █████ ███ █████ ░███ █████ ░███ ░███ ░███ ███░░███ ░███░░███ ░███████████ ░░░░░███ ░░███ ░███░░███ ░███░░███ ░░███ █████ ███ ░███████ ░███ ░███ ░███░░░░░███ ███████ ░███ ░███ ░███ ░██████░ ░░░█████░█████░ ░███░░░ ░███ ░███ ░███ ░███ ███░░███ ░░███████████ ░███░░███ ░░███ ░░███ ░░██████ ████████ █████ █████░░████████ ░░████░████ ████ █████ ░░░ ░░░ ░░░░░░ ░░░░░░░░ ░░░░░ ░░░░░ ░░░░░░░░ ░░░░ ░░░░ ░░░░ ░░░░░ Created by Gaurav Raj [TheHackersBrain] [+] Target Domain: gauravraj.tech [*] Scanning Started... [S] Scan Type: [Basic Scan] [+] Protocol: HTTPS [+] Redirected URL: https://gauravraj.tech/ [+] Site Title: Gaurav Raj | Hacker, Programmer & FreeLancer [+] IP Address: 185.199.109.153 [+] Server: GitHub.com [+] Cloudflare: Not Detect [+] CMS: Not Detected [+] Robots.txt: Found ------------------------------------[ Headers ]------------------------------------ Connection: keep-alive Content-Length: 60472 Server: GitHub.com Content-Type: text/html; charset=utf-8 Last-Modified: Fri, 25 Jun 2021 20:00:19 GMT Access-Control-Allow-Origin: * Strict-Transport-Security: max-age=31556952 ETag: W/"60d635d3-1a993" expires: Thu, 25 Nov 2021 11:24:22 GMT Cache-Control: max-age=600 Content-Encoding: gzip x-proxy-cache: MISS X-GitHub-Request-Id: 0F9E:39FD:184683:19AA95:619F700D Accept-Ranges: bytes Date: Thu, 25 Nov 2021 11:14:22 GMT Via: 1.1 varnish Age: 0 X-Served-By: cache-bom4727-BOM X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1637838862.881124,VS0,VE274 Vary: Accept-Encoding X-Fastly-Request-ID: da5db015368e7b3bab6f3f3e908ac72c9067402a --------------------------------[ End of Headers ]------------------------------------ ┌──(elliot@archlinux)-[~]-[192.168.225.72]-[] └─$
-
Whois Lookup
┌──(elliot@archlinux)-[~]-[192.168.225.72]-[] └─$ webhawk -w -d 'gauravraj.tech' ░█████ ███ █████ █████ █████ █████ █████ ░░███ ░███ ░░███ ░░███ ░░███ ░░███ ░░███ ░███ ░███ ░███ ██████ ░███████ ░███ ░███ ██████ █████ ███ █████ ░███ █████ ░███ ░███ ░███ ███░░███ ░███░░███ ░███████████ ░░░░░███ ░░███ ░███░░███ ░███░░███ ░░███ █████ ███ ░███████ ░███ ░███ ░███░░░░░███ ███████ ░███ ░███ ░███ ░██████░ ░░░█████░█████░ ░███░░░ ░███ ░███ ░███ ░███ ███░░███ ░░███████████ ░███░░███ ░░███ ░░███ ░░██████ ████████ █████ █████░░████████ ░░████░████ ████ █████ ░░░ ░░░ ░░░░░░ ░░░░░░░░ ░░░░░ ░░░░░ ░░░░░░░░ ░░░░ ░░░░ ░░░░ ░░░░░ Created by Gaurav Raj [TheHackersBrain] [+] Target Domain: gauravraj.tech [*] Scanning Started... [S] Scan Type: [Whois Recon] ------------------------------------[ Whois Information ]------------------------------------ Domain Name: GAURAVRAJ.TECH Registry Domain ID: D211222283-CNIC Registrar WHOIS Server: whois.hostinger.com Registrar URL: https://www.hostinger.com/ Updated Date: 2021-03-06T06:36:12.0Z Creation Date: 2020-11-28T12:46:56.0Z Registry Expiry Date: 2021-11-28T23:59:59.0Z Registrar: Hostinger, UAB <snap> Access to the Whois and RDAP services is rate limited. For more information, visit https://registrar-console.centralnic.com/pub/whois_guidance. ---------------------------------[ End of the Information ]------------------------------------
-
DNS Lookup
┌──(elliot@archlinux)-[~]-[192.168.225.72]-[] └─$ webhawk -l -d 'gauravraj.tech' ░█████ ███ █████ █████ █████ █████ █████ ░░███ ░███ ░░███ ░░███ ░░███ ░░███ ░░███ ░███ ░███ ░███ ██████ ░███████ ░███ ░███ ██████ █████ ███ █████ ░███ █████ ░███ ░███ ░███ ███░░███ ░███░░███ ░███████████ ░░░░░███ ░░███ ░███░░███ ░███░░███ ░░███ █████ ███ ░███████ ░███ ░███ ░███░░░░░███ ███████ ░███ ░███ ░███ ░██████░ ░░░█████░█████░ ░███░░░ ░███ ░███ ░███ ░███ ███░░███ ░░███████████ ░███░░███ ░░███ ░░███ ░░██████ ████████ █████ █████░░████████ ░░████░████ ████ █████ ░░░ ░░░ ░░░░░░ ░░░░░░░░ ░░░░░ ░░░░░ ░░░░░░░░ ░░░░ ░░░░ ░░░░ ░░░░░ Created by Gaurav Raj [TheHackersBrain] [+] Target Domain: gauravraj.tech [*] Scanning Started... [S] Scan Type: [DNS Lookup] ------------------------------------[ DNS Lookup ]------------------------------------ A : 185.199.110.153 A : 185.199.109.153 A : 185.199.108.153 A : 185.199.111.153 AAAA : 2606:50c0:8002::153 AAAA : 2606:50c0:8000::153 AAAA : 2606:50c0:8003::153 AAAA : 2606:50c0:8001::153 TXT : "google-site-verification=OhJkHhWQmLakPIJsasHR71K-zG0VfSq6Hgk3KP2bigY" SOA : ns1.dns-parking.com. dns.hostinger.com. 2021112501 10000 2400 604800 3600 --------------------------------[ DNS Lookup Ends Here ]------------------------------------
-
Geo-IP Lookup
┌──(elliot@archlinux)-[~]-[192.168.225.72]-[] └─$ webhawk -g -d 'gauravraj.tech' ░█████ ███ █████ █████ █████ █████ █████ ░░███ ░███ ░░███ ░░███ ░░███ ░░███ ░░███ ░███ ░███ ░███ ██████ ░███████ ░███ ░███ ██████ █████ ███ █████ ░███ █████ ░███ ░███ ░███ ███░░███ ░███░░███ ░███████████ ░░░░░███ ░░███ ░███░░███ ░███░░███ ░░███ █████ ███ ░███████ ░███ ░███ ░███░░░░░███ ███████ ░███ ░███ ░███ ░██████░ ░░░█████░█████░ ░███░░░ ░███ ░███ ░███ ░███ ███░░███ ░░███████████ ░███░░███ ░░███ ░░███ ░░██████ ████████ █████ █████░░████████ ░░████░████ ████ █████ ░░░ ░░░ ░░░░░░ ░░░░░░░░ ░░░░░ ░░░░░ ░░░░░░░░ ░░░░ ░░░░ ░░░░ ░░░░░ Created by Gaurav Raj [TheHackersBrain] [+] Target Domain: gauravraj.tech [*] Scanning Started... [S] Scan Type: [GEO-IP Lookup] ------------------------------------[ GEO-IP Lookup ]------------------------------------ IP Address: 185.199.110.153 Country: United States State: California City: Latitude: 34.0544 Longitude: -118.244 --------------------------------[ GEO-IP Lookup Ends Here ]------------------------------------
-
Subnet Calculator
┌──(elliot@archlinux)-[~]-[192.168.225.72]-[] └─$ webhawk -n -d 'gauravraj.tech' ░█████ ███ █████ █████ █████ █████ █████ ░░███ ░███ ░░███ ░░███ ░░███ ░░███ ░░███ ░███ ░███ ░███ ██████ ░███████ ░███ ░███ ██████ █████ ███ █████ ░███ █████ ░███ ░███ ░███ ███░░███ ░███░░███ ░███████████ ░░░░░███ ░░███ ░███░░███ ░███░░███ ░░███ █████ ███ ░███████ ░███ ░███ ░███░░░░░███ ███████ ░███ ░███ ░███ ░██████░ ░░░█████░█████░ ░███░░░ ░███ ░███ ░███ ░███ ███░░███ ░░███████████ ░███░░███ ░░███ ░░███ ░░██████ ████████ █████ █████░░████████ ░░████░████ ████ █████ ░░░ ░░░ ░░░░░░ ░░░░░░░░ ░░░░░ ░░░░░ ░░░░░░░░ ░░░░ ░░░░ ░░░░ ░░░░░ Created by Gaurav Raj [TheHackersBrain] [+] Target Domain: gauravraj.tech [*] Scanning Started... [S] Scan Type: [Subnet Calculator] ------------------------------------[ Subnet Calculator ]------------------------------------ Address = 185.199.111.153 Network = 185.199.111.153 / 32 Netmask = 255.255.255.255 Broadcast = not needed on Point-to-Point links Wildcard Mask = 0.0.0.0 Hosts Bits = 0 Max. Hosts = 1 (2^0 - 0) Host Range = { 185.199.111.153 - 185.199.111.153 } ------------------------------------[ Content Ends Here ]------------------------------------
-
Subdomain Enumeration
┌──(elliot@archlinux)-[~]-[192.168.225.72]-[] └─$ webhawk -s -d 'gauravraj.tech' ░█████ ███ █████ █████ █████ █████ █████ ░░███ ░███ ░░███ ░░███ ░░███ ░░███ ░░███ ░███ ░███ ░███ ██████ ░███████ ░███ ░███ ██████ █████ ███ █████ ░███ █████ ░███ ░███ ░███ ███░░███ ░███░░███ ░███████████ ░░░░░███ ░░███ ░███░░███ ░███░░███ ░░███ █████ ███ ░███████ ░███ ░███ ░███░░░░░███ ███████ ░███ ░███ ░███ ░██████░ ░░░█████░█████░ ░███░░░ ░███ ░███ ░███ ░███ ███░░███ ░░███████████ ░███░░███ ░░███ ░░███ ░░██████ ████████ █████ █████░░████████ ░░████░████ ████ █████ ░░░ ░░░ ░░░░░░ ░░░░░░░░ ░░░░░ ░░░░░ ░░░░░░░░ ░░░░ ░░░░ ░░░░ ░░░░░ Created by Gaurav Raj [TheHackersBrain] [+] Target Domain: gauravraj.tech [*] Scanning Started... [S] Scan Type: [Subdomains Finder] ------------------------------------[ Subdomain Finder ]------------------------------------ [+] gauravraj.tech [+] blog.gauravraj.tech [+] *.gauravraj.tech [+] www.gauravraj.tech ------------------------------------[ Subdomain Finder ]------------------------------------
-
Port Scan
┌──(elliot@archlinux)-[~]-[192.168.225.72]-[] └─$ webhawk -p -d 'gauravraj.tech' ░█████ ███ █████ █████ █████ █████ █████ ░░███ ░███ ░░███ ░░███ ░░███ ░░███ ░░███ ░███ ░███ ░███ ██████ ░███████ ░███ ░███ ██████ █████ ███ █████ ░███ █████ ░███ ░███ ░███ ███░░███ ░███░░███ ░███████████ ░░░░░███ ░░███ ░███░░███ ░███░░███ ░░███ █████ ███ ░███████ ░███ ░███ ░███░░░░░███ ███████ ░███ ░███ ░███ ░██████░ ░░░█████░█████░ ░███░░░ ░███ ░███ ░███ ░███ ███░░███ ░░███████████ ░███░░███ ░░███ ░░███ ░░██████ ████████ █████ █████░░████████ ░░████░████ ████ █████ ░░░ ░░░ ░░░░░░ ░░░░░░░░ ░░░░░ ░░░░░ ░░░░░░░░ ░░░░ ░░░░ ░░░░ ░░░░░ Created by Gaurav Raj [TheHackersBrain] [+] Target Domain: gauravraj.tech [*] Scanning Started... [S] Scan Type: [NMAP Scan] ------------------------------------[ NMAP Scan ]------------------------------------ error valid key required --------------------------------[ NMAP Scan Ends Here ]------------------------------------
-
Builtwith Recon
┌──(elliot@archlinux)-[~]-[192.168.225.72]-[] └─$ webhawk -b -d 'gauravraj.tech' ░█████ ███ █████ █████ █████ █████ █████ ░░███ ░███ ░░███ ░░███ ░░███ ░░███ ░░███ ░███ ░███ ░███ ██████ ░███████ ░███ ░███ ██████ █████ ███ █████ ░███ █████ ░███ ░███ ░███ ███░░███ ░███░░███ ░███████████ ░░░░░███ ░░███ ░███░░███ ░███░░███ ░░███ █████ ███ ░███████ ░███ ░███ ░███░░░░░███ ███████ ░███ ░███ ░███ ░██████░ ░░░█████░█████░ ░███░░░ ░███ ░███ ░███ ░███ ███░░███ ░░███████████ ░███░░███ ░░███ ░░███ ░░██████ ████████ █████ █████░░████████ ░░████░████ ████ █████ ░░░ ░░░ ░░░░░░ ░░░░░░░░ ░░░░░ ░░░░░ ░░░░░░░░ ░░░░ ░░░░ ░░░░ ░░░░░ Created by Gaurav Raj [TheHackersBrain] [+] Target Domain: gauravraj.tech [*] Scanning Started... [S] Scan Type: [Builtwith Recon] ------------------------------------ [ Builtwith Recon ]------------------------------------ [+] SSL by Default [+] UNPKG [+] Content Delivery Network [+] jsDelivr [+] Viewport Meta [+] IPhone / Mobile Compatible [+] Apache [+] Apache 2.4 [+] Ubuntu [+] Express [+] LetsEncrypt [+] MailChannels [+] SPF [+] Flockmail [+] Hostinger DNS [+] Gatsby JS [+] Apple Mobile Web Clips Icon [+] Google Analytics [+] Google Webmaster [+] Google Universal Analytics [+] Varnish [+] GitHub Hosting [+] Fastly [+] Fastly Hosted [+] Fastly Load Balancer [+] Hostinger Registrar [+] IPv6 ------------------------------------ [ Builtwith Recon ]------------------------------------
-
Some of the features uses API Keys from specific sites which can be configured using the
--config
flag which will list all the options and feature which needs an API Key┌──(elliot@archlinux)-[~]-[192.168.225.72]-[] └─$ webhawk --config ╭──────────────────────────────────────────────────────────────────────────────────╮ │ Webhawk Configuration Wizard │ ╰──────────────────────────────────────────────────────────────────────────────────╯ 1. Builtwith API > Choose Option: 1 Enter API Key: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
-
Version Details
┌──(elliot@archlinux)-[~]-[192.168.225.72]-[] └─$ webhawk -v Webhawk 0.6.4