Discover Paths via Crawling
Discover Paths via Crawling
Crawl a list of web server URLs to discover endpoints and form a comprehensive map of each asset on your attack surface
Category
Content Discovery
Inputs
urls
file
requiredList of urls
depth
string
Maximum crawling depth
header
string
Header(s) to include in HTTP requests
in-scope
file
List of URLs, paths, or regular expressions to include in crawling
rate-limit
string
Maximum number of requests to send per second per machine
header-file
file
Header(s) to include in HTTP requests
out-of-scope
file
List of URLs, paths, or regular expressions to exclude from crawling
Outputs
url-detailsurls
Discover Paths via Crawling
Description
Crawl a list of web server URLs to discover endpoints and form a comprehensive map of each asset on your attack surface.
Features
- Supports headless browser crawling for more accurate spidering.
- Parses JavaScript code to discover additional endpoints and hidden paths.
- Can crawl thousands of web servers simulataneously.
Inputs
Required
- urls: a list of URLs
Optional
- depth: Maximum crawling depth (default: 5)
- headless: Enable headless browser mode (default: false)
- header: Header(s) to include in HTTP requests
- header-file: File with header(s) to include in HTTP requests
- rate-limit: Maximum number of requests to send per second per machine (default: 300)
Outputs
- urls: List of discovered URLs.
- url-details: JSONLines records of URL discovery details.
Changelog
- v1.0.0
- Initial release
- v1.1.0
- Added
header-fileinput
- Added