- linux-py:
sudo apt install python3 - win-py:
https://www.python.org/downloads/
- No nonsense.
• sql <URL> - SQL Injection Scanner
• xss <URL> - XSS Scanner
• subdomain <URL> - Subdomain Website
• clickjacking <URL> - Clickjacking Scanner
• get <domain.com> - Website Information
• proxy <ip:port> - Proxy HTTP check
• portscan <domain.com> - Port Scanner
• scrape <URL> - Web Scraper
• file <URL> - show files
• read <URL> - see all fileswebkit:~$ sql http://google.com/
[*] Trying http://google.com/"
[*] Trying http://google.com/'
[+] Detected 1 forms on http://google.com/.
webkit:~$ xss http://google.com/
[+] Detected 1 forms on http://google.com/.
[+] Submitting malicious payload to http://google.com/search
[+] Data: {'NULL': 'Google NULL', 'NULL': 'NULL', 'NULL': 'NULL', 'source': 'NULL', 'NULL': 'NULL', 'NULL': 'NULL'}
webkit:~$ subdomain http://google.com/
[-] http://google.com/signup
[-] http://google.com/login
[-] http://google.com/logout
[-] http://google.com/database
[-] http://google.com/secret
[-] http://google.com/app
[+] http://google.com/sms
[-] http://google.com/ipv4
webkit:~$ clickjacking http://google.com/
[-] http://google.com/ is not vulnerable to clickjacking.
[*] Response Headers:
| Date:
| Expires:
| Cache-Control:
| Content-Type:
| Content-Security-Policy-Report-Only:
| Content-Encoding:
| Server:
| Content-Length:
| X-XSS-Protection: 0
| X-Frame-Options:
| Set-Cookie:
webkit:~$ get gooogle.com
[+] NULL
IP : ###.###.##.##
STATUS : success
COUNTRY :
COUNTRY CODE :
REGION :
CITY :
ZIP :
LAT :
LON :
TIMEZONE :
ISP NAME : Google LLC
webkit:~$ proxy 127.0.0.1:80 <--- HTTP PROXY
{
'httpbin': '127.0.0.1'
}
webkit:~$ portscan google.com
[*] Target IP address:
[*] Scanning ports on
[+] Port | 1 | open
[+] Port | 2 | open
[-] Port | 3 | closed
[+] Port | 4 | open
[+] Port | 5 | open
[+] Port | 6 | open
[+] Port | 7 | open
webkit:~$ scrape http://google.com/
CODE HERE
webkit:~$ file http://google.com/
[+] URL | FILE | CENSURED
[+] URL | FILE | http://maps.google.nl/maps?########
[+] URL | FILE | CENSURED
[+] URL | FILE | https://www.youtube.com/#####
[+] URL | FILE | CENSURED
[+] URL | FILE | CENSURED
[+] URL | FILE | CENSURED
[+] URL | FILE | CENSURED
[+] URL | FILE | CENSURED
[+] URL | FILE | CENSURED
[+] URL | FILE | CENSURED
[+] URL | FILE | CENSURED
[+] URL | FILE | CENSURED
[+] URL | FILE | CENSURED
[+] URL | FILE | CENSURED
webkit:~$ read http://google.com/
[+] URL | FILE | https://www.google.com/##############
[*] Content of https://www.google.com/##############
<h1>Hello world</h1>
v1.0 ⋮ 29/06/2024
v1.5 ⋮ 4/07/2024+ WEBKIT Information
Subdomain
Sql Injection Scanner
XSS vulnerability scanner
Clickjacking
Get information about a site
Proxy HTTP
Port Scanner
Web Scraper
show files
see all files
