Utilities
Created bymhmdiaa-trickest
Last updated6/11/2025

Input Parameters

sitemap
file
findings
file
hostname
file
dns-records
file
screenshots
folder
url-details
file
port-details
file
whois-records
file
javascript-code
folder
web-technologies
file
web-server-details
file
network-service-details
file

Outputs

html-zip

Generate Scan Report

Description

Aggregates diverse data types from various modules into a consolidated, easy-to-review report.

Features

  • Summarizes findings and provides breakdowns of the collected data.
  • Creates a screenshot gallery of captured URLs for visual reference.
  • Allows searching and filtering of URLs by full URL, body parameters, and discovery source.
  • Supports multiple data types, including:
    • Vulnerability findings
    • Network services
    • Web servers
    • Web technologies
    • DNS records
    • WHOIS records
    • URLs
    • Screenshots
    • JavaScript code
    • Application sitemap

Inputs

Optional

  • findings: JSONLines records of finding details.
{"finding": "SQL Injection", "location": "http://example.com/search.php?test=", "severity": "high", "hostname": "example.com", "domain_name": "example.com", "field": "test", "attack": "query' AND (SELECT * FROM (SELECT(SLEEP(5)))lzuk) AND 'nrTr'='nrTr", "method": "GET", "request": "GET http://example.com/search.php?test=query%27+AND+%28SELECT+*+FROM+%28SELECT%28SLEEP%285%29%29%29lzuk%29+AND+%27nrTr%27%3D%27nrTr HTTP/1.1\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7\r\nAccept-Encoding: gzip, deflate\r\nAccept-Language: en-US,en;q=0.9\r\nconnection: Close\r\nhost: example.com\r\nUpgrade-Insecure-Requests: 1\r\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36\r\n\r\n"}
  • port-details: JSONLines records of port discovery details.
{"ip_address": "1.2.3.4", "port": 80}
  • network-service-details: JSONLines records of network service discovery details.
{"ip_address": "5.6.7.8", "port": 21, "protocol": "ssh", "tls": false, "transport": "tcp", "banner": "SSH-2.0-Go\r\n"}
  • web-server-details: JSONLines records of web server details.
{"timestamp":"2024-01-01T11:11:11.111111111Z","port":443,"url":"https://dashboard.example.com","input":"dashboard.example.com","scheme":"https","webserver":"cloudflare","method":"GET","host":"1.2.3.4","path":"/","favicon_path":"/favicon.ico","time":"133.7ms","a":["1.2.3.4","1.2.3.4"],"words":7331,"lines":1337,"status_code":200,"cdn":true,"cdn_name":"cloudflare","tls_host":"dashboard.example.com","tls_port":"443","tls_probe_status":true,"tls_version":"tls13","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_not_before":"2021-3-3T07:00:00Z","tls_not_after":"2027-3-3T07:00:00Z","tls_subject_dn":"CN=*.example.com, O=Example\\, Inc., L=San Francisco, ST=California, C=US","tls_subject_cn":"*.example.com","tls_subject_org":["Example, Inc."],"tls_subject_an":["*.example.com","example.com"],"tls_issuer_dn":"CN=Acme TLS RSA SHA256 2020 CA1, O=Acme Inc, C=US","tls_issuer_cn":"Acme TLS RSA SHA256 2020 CA1","tls_issuer_org":["Acme Inc"],"tls_fingerprint_hash_md5":"9ff41ab3d13b2386ad77fa0b1f058f4f","tls_fingerprint_hash_sha1":"9dc28cb216b46bee01eeaeb5d4ff5906bbba582b","tls_fingerprint_hash_sha256":"324db4e227d9b5fb5dc175d7b4bb984705b9f4ec07a36bfe2fd4df79a965961e","tls_wildcard_certificate":true,"tls_connection":"ctls","tls_sni":"dashboard.example.com","headers":["Cf-Cache-Status: DYNAMIC","Server: cloudflare"]}
  • web-technologies: JSONLines records of web technology discovery details.
{"asset": "https://blog.example.com", "technology": "WordPress", "location": "https://blog.example.com/wp-admin/install.php", "context": "6.5.3"}
  • dns-records: JSONLines DNS records.
{"host": "dashboard.example.com", "response_code": "NOERROR", "record_type": "a", "value": "1.2.3.4", "ttl": 900}
  • whois-records: JSONLines WHOIS records for domains and IP addresses.
{"query":"vulnweb.com","Domain Name":["vulnweb.com"],"Registrar":["Eurodns S.A."],"Creation Date":["2010-06-14T00:00:00Z"],"Registrar Registration Expiration Date":["2026-06-13T00:00:00Z"],"Updated Date":["2025-05-21T15:16:31Z"],"Domain Status":["clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited"],"Name Server":["ns1.eurodns.com","ns2.eurodns.com"],"DNSSEC":["unsigned"]}
{"query":"44.228.249.3","NetRange":["44.224.0.0 - 44.255.255.255"],"CIDR":["44.224.0.0/11"],"Organization":["Amazon.com, Inc. (AMAZO-47)"],"NetName":["AMAZO-ZPDX"],"Country":["US"],"City":["Seattle"],"StateProv":["WA"],"OrgAbuseEmail":["trustandsafety@support.aws.com"]}
  • url-details: JSONLines records of URL discovery details.
{"url": "https://foo.example.com/login", "hostname": "foo.example.com", "domain_name": "example.com", "data_source": "directory_brute_force", "status_code": 200, "content_length": 2031}
  • screenshots: Folder containing screenshots of the URLs. The screenshots are named after the url-details URL they are associated with, e.g. https-foo.example.com-443-login.png.
  • javascript-code: Folder containing JavaScript code.
  • sitemap: Application sitemap export file.

Outputs

  • html-zip: A ZIP archive containing an HTML report.
    • The main entry point is ./index.html
    • The screenshot gallery is located at ./screenshots.html
    • The sitemap is at ./sitemap
    • The JavaScript code is in the ./javascript directory

Changelog

  • v1.0.0
    • Initial release
  • v1.0.1
    • Add click-to-copy functionality for finding descriptions