RAWR - Rapid Assessment of Web Resources

RAWR - Rapid Assessment of Web Resources

Features

• A customizable CSV containing ordered information gathered for each host, with a field for making notes/etc.

• An elegant, searchable, JQuery-driven HTML report that shows screenshots, diagrams, and other information.

• A report on relevant security headers, courtesy of SmeegeSec.

• a CSV Threat Matrix for an easy view of open ports across all provided hosts. (Use -a to show all ports.)

• A wordlist for each host, comprised of all words found in responses. (including crawl, if used).

• Default password suggestions through checking a service's CPE for matches in the DPE Database.

• A shelve database of all host information. (planned comparison functionality)

• Parses meta-data in documents and photos using customizable modules.

• Supports the use of a proxy (Burp, Zap, W3aF)

• Captures/stores SSL Certificates, Cookies, and Cross-domain.xml

• [Optional] Customizable crawl of links within the host's domain.

• [Optional] PNG Diagram of all pages found during crawl

• [Optional] List of links crawled in tiered format.

• [Optional] List of documents seen for each site.

• [Optional] Automation-Friendly output (JSON strings)