The prompt is the main searchterm provided to the tool. This needs to be in a format required by the tool otherwise an error may be returned. For example some tools may require URLs while others may require IP addresses.
Some options may be required while others are optional. If there are no options, an empty object should be provided.
The default API key is provided as an example only. This will not work in your own applications. Register for a free account to get an API key.
Webpage Downloader is a cyber security tool that retrieves the raw contents of a website for offline access and analysis.
The HTMLEntities tool extracts special characters, HTML entities, and encoded content from webpages, facilitating text analysis. Additionally, the suite of tools includes features like Interesting Files, Email Address, and Phone Number Extraction, enabling the identification and extraction of valuable information for research purposes.
The Host Discovery tool is used to identify and discover active hosts or devices within a network. It scans network ranges, IP addresses, or domain names to identify systems that are online and reachable. By sending probing or scanning requests, the Host Discovery tool determines the availability and responsiveness of hosts, assisting in network mapping, inventory management, security assessments, and troubleshooting tasks. It provides valuable insights into the devices present on a network and aids in maintaining an up-to-date inventory of network assets.
ICMP Host Discovery is a technique that uses ICMP (Internet Control Message Protocol) packets, such as ICMP Echo Request (ping), to determine the availability of hosts.
TCP SYN Host Discovery is technique that sends TCP SYN packets to specific ports to determine if the hosts are listening or closed.
TCP ACK Host Discovery is a technique that sends TCP ACK packets to specific ports to determine if the hosts are filtered or unfiltered.
UDP Host Discovery is a technique that sends UDP packets to specific ports to determine if the hosts are listening or closed.
IP Host Discovery is technique that involves scanning IP addresses within a network range to identify active hosts.
The Web Technology Identifier tool identifies the technologies used by a target website or web server, providing users with information about the web server, web framework, programming language, content management system (CMS), and other technologies used to build and maintain the website, aiding in security assessments, vulnerability detection, and reconnaissance tasks.
The HTTP Headers tool extracts HTTP headers from a target website or web server, providing users with a list of HTTP headers and their values. It also provides a header browser, which is a visual representation of the HTTP headers, enabling users to identify the headers and their values. The tool provides valuable insights into the HTTP headers used by the website, aiding in security assessments, vulnerability detection, and reconnaissance tasks.
A HTTP request header is sent by a client to a server and includes fields like User-Agent, Host, and Accept, which might be of use in cybersecurity to detect malicious requests, fraud, or unauthorized access.
A HTTP response header is sent by the server to the client and includes fields such as Set-Cookie, Content-Security-Policy, and X-Frame-Options, which can help in implementing security measures like authentication, data integrity checks, and prevention against cross-site scripting or clickjacking attacks.
The Server field in an HTTP response header provides information about the software used by the origin server, including the name and version of the server software. In the context of cybersecurity, this information might be used by attackers to identify potential vulnerabilities specific to the server software version, so it's often recommended to minimize or obfuscate this information to reduce the potential attack surface.
Finds out what options are supported by an HTTP server (GET, POST, PUT, DELETE, TRACE, HEAD, PATCH) by sending an OPTIONS request. Lists potentially risky methods. It tests those methods not mentioned in the OPTIONS headers individually and sees if they are implemented.
An HTTP method is a verb used in the HTTP protocol to indicate the desired action to be performed on a specified resource. Common HTTP methods include GET (retrieve data), POST (submit data), PUT (update data), DELETE (remove data), and several others. HTTP methods are crucial to cybersecurity because they define the types of actions that can be taken on web resources. If not properly managed or restricted, malicious actors can exploit these methods to retrieve, modify, or delete data without authorization, leading to data breaches, data loss, or other cyber threats.
Common HTTP Headers such as: GET, HEAD, OPTIONS, TRACE
Common HTTP headers that can change data on the server such as: PUT, DELETE, CONNECT, POST, PATCH
Application-specific headers that can perform a variety of tasks including: PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK, UNLOCK, NOTIFY, SUBSCRIBE, UNSUBSCRIBE, PATCH, SEARCH, CONNECT
The local storage scanner is used to retrieve the local storage key-value pairs from a browser. This can be used to extract sensitive information such as API keys, session tokens, and more.
Local storage is a web browser feature that allows websites to store data persistently on a user's device. Local storage can be exploited by cyber attackers through techniques like cross-site scripting (XSS) to steal or manipulate stored data, which might contain sensitive information such as user preferences, authentication tokens, or personal details, thereby posing a significant cybersecurity risk.
Local storage is often set by JavaScript, specifically Ajax requests that run after the page body has fully loaded. The Idle option allows you to wait a specified period of time for the network to go quiet before checking for local storage key-value pairs.