Discover Paths via Crawling
Crawl a list of web server URLs to discover endpoints and form a comprehensive map of each asset on your attack surface
Category
Content Discovery
Inputs
List of urls
Maximum crawling depth
Header(s) to include in HTTP requests
List of URLs, paths, or regular expressions to include in crawling
Maximum number of requests to send per second per machine
Header(s) to include in HTTP requests
List of URLs, paths, or regular expressions to exclude from crawling
Outputs
url-detailsurls
Discover Paths via Crawling
Description
Crawl a list of web server URLs to discover endpoints and form a comprehensive map of each asset on your attack surface.
Features
- Supports headless browser crawling for more accurate spidering.
- Parses JavaScript code to discover additional endpoints and hidden paths.
- Can crawl thousands of web servers simulataneously.
Inputs
Required
- urls: a list of URLs
Optional
- depth: Maximum crawling depth (default: 5)
- headless: Enable headless browser mode (default: false)
- header: Header(s) to include in HTTP requests
- header-file: File with header(s) to include in HTTP requests
- rate-limit: Maximum number of requests to send per second per machine (default: 300)
Outputs
- urls: List of discovered URLs.
- url-details: JSONLines records of URL discovery details.
Changelog
- v1.0.0
- Initial release
- v1.1.0
- Added
header-file
input
- Added