Scan for Exposed Admin Panels
Scan for web administrative panels that may provide an entry point to an asset, and check them for default credentials
Outputs
findings
Scan for Exposed Admin Panels
Description
Scan for web administrative panels that may provide an entry point to an asset, and check them for default credentials.
Features
- Scans for a wide range of admin panel paths across various stacks.
- Checks for default credentials on a subset of found panels.
- Can scan thousands of web servers simulataneously.
Inputs
Required
- urls: a list of URLs
Optional
- header: Header(s) to include in HTTP requests
- header-file: File with header(s) to include in HTTP requests
- rate-limit: Maximum number of requests to send per second per machine (default: 300)
Outputs
- findings: JSONLines records of finding details.
Changelog
- v1.0.0
- Initial release
- v1.1.0
- Added
header-file
input
- Added
- v1.2.0
- Added recursive scanning to detect vulnerabilities at every level of the input URL paths