This tool do a passive recon using Wayback Machine
Project description
WaybackRecon
WaybackRecon is a tool designed to fetch and categorize URLs from the Wayback Machine, allowing users to identify and highlight specific patterns, potential leaks, and other important information from archived web content. This tool supports outputting results to JSON and SQLite databases and offers easy searching and categorization.
Features
- Fetch URLs: Retrieve URLs from the Wayback Machine for a specified target domain.
- Categorization: Categorize URLs based on patterns such as APIs, leaks, file extensions, and CMS identifiers.
- Highlighting: Highlight keywords in URLs to easily identify important information.
- Output: Save results to JSON and SQLite databases.
- Search: Search and display specific categories of URLs.
Installation
pip install wayback-recon
Usage
Command-line Arguments
-t, --target: Target domain to fetch URLs for (required).-p, --pattern-file: Path to the pattern config JSON file (default:pattern_config.json).-o, --output-file: Output file name for the JSON results.-s, --search: Search and display specific categories (e.g., apis, leaks, extensions, cms).--status-code: Filter by status codes (e.g., 200, 301, 302).
Examples
-
Fetch and categorize URLs for a target domain:
wayback-recon -t example.com
-
Search for specific categories in the results:
wayback-recon -s apis leaks
-
Specify a custom pattern configuration file:
wayback-recon -t example.com -p custom_pattern_config.json
-
Output results to a specific JSON file:
wayback-recon -t example.com -o results.json
-
Filter URLs by status codes:
wayback-recon -t example.com --status-code 200,301
Configuration
The pattern configuration is stored in a JSON file (pattern_config.json) and can be customized to include different patterns for categorization. The default configuration includes patterns for APIs, leaks, file extensions, and CMS identifiers.
Default Configuration
{
"apis": ["/api", "/v1", "/v2", "/services", "/rest", "/graphql", "/json"],
"leaks": ["aws", "apikey", "secret", "password", "auth", "token", "key", "access", "credential", "jwt", "kong", "kong-key", "AIza"],
"extensions": [".js", ".css", ".html", ".php", ".asp", ".aspx", ".jsp", ".json", ".xml", ".txt", ".csv"],
"cms": ["wp-", "wordpress", "joomla", "drupal", "magento", "typo3", "shopify", "prestashop"]
}
You can add or remove strings to be filtered.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file wayback_recon-0.2.2.tar.gz.
File metadata
- Download URL: wayback_recon-0.2.2.tar.gz
- Upload date:
- Size: 5.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.8.3 CPython/3.11.9 Linux/5.15.153.1-microsoft-standard-WSL2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
f0be38925e67472b31eb7d6346075badd8e89bde6042e77d2549b1ce079d1c5c
|
|
| MD5 |
520f86e9b2891f8f2e317b77484b8a9f
|
|
| BLAKE2b-256 |
bdf05573db318c90caa75bb1303e68261737f05ac22026474fb2ca1d58c883ea
|
File details
Details for the file wayback_recon-0.2.2-py3-none-any.whl.
File metadata
- Download URL: wayback_recon-0.2.2-py3-none-any.whl
- Upload date:
- Size: 6.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.8.3 CPython/3.11.9 Linux/5.15.153.1-microsoft-standard-WSL2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
1052d75428f4e5166c0edabd831eec782c4d51665da8bdf0128c2b67d27aae90
|
|
| MD5 |
4fbae4a84d7008d387665f5326ab484a
|
|
| BLAKE2b-256 |
bc5d7a4db7417565f1a249139142c63efd30d92ea57f94374024a9e91a816199
|
