loading
loading
Discovery
WitnessMe grab mode for pulling links and page content from targets.
overview
witnessme-grab runs WitnessMe in grab mode to collect page metadata and related inventory details for each target URL.
It complements screenshot mode by focusing on structured page data you can query later rather than images alone.
Run it on a probed URL list when you want inventory fields for reporting or diffing across scans.
use cases
Enable link collection to pull every link from each live web service, building a seed set of URLs for a crawler or content-discovery stage.
Point an XPath expression at a known element to scrape the same value from many pages at once, such as a version string or a login form action.
Feed an Nmap XML or Nessus targets file so grab mode runs straight off a port scan with no reformatting in between.
Use the headless browser to capture links and content from single-page apps where the markup is assembled in script and a plain HTTP fetch returns nothing.
reference
| Name | Type | Flag | Description |
|---|---|---|---|
| XPATH | STRING | -x | Path to use |
| links | BOOLEAN | -l | Get all links |
| target | STRING | · | The target IP, range, CIDR or hostname |
| targets | FILE | · | The target IPs, ranges, CIDRs, hostnames, NMap XML file, or .Nessus file |
Showing key inputs. witnessme-grab exposes 4 inputs in total.
example
# witnessme-grab: collect inventory metadata from urls.txtwitnessme grab -l urls.txthttps://www.example.com title=Example status=200https://api.example.com title=API status=401https://dev.example.com title=Dev status=200https://staging.example.com title=Staging status=302https://mail.example.com title=Webmail status=200guidance
Use witnessme-grab when you want structured page data, links or a specific element, from a set of web hosts. For screenshots of those hosts instead, use witnessme-screenshot.
Same tool, screenshot mode. Use it for visual triage; grab mode is for extracting links and content.
Headless screenshot tool for web inventory. Image-first, no XPath field extraction.
faq
related
Check whether a URL redirects to a masked 404 page.
Append lines to a file only if they are not already there.
Extract URLs and endpoints from Android APK files.
Visual inspection of websites across a large number of hosts.
Find suspicious files across a large set of AWS S3 buckets.
An automated tool that checks for backup artifacts that may disclose a web application's source code.
A targets file feeds witnessme-grab, which drives a headless browser over each host and writes the harvested links and extracted content as a queryable output.
Facts on this page come from the live Trickest tool library.