TheWebInspector is a Python script that analyzes a webpage's source code. It can be very useful during the HTTP protocol enumeration and provides information such as:
- The website's title and language
- The website's meta tags and comments
- The inputs (hidden inputs, text inputs, password inputs, search inputs, file inputs)
- Display none tags
- Forms
Furthermore, it performs certain file enumeration checking for files such as:
- robots.txt
- sitemap.xml
- phpinfo.php
- wp-login.php
- /admin/cgi-bin
Last but not least, it retrieves information about allowed HTTP methods and certain HTTP response headers such as Server and X-Powered-By.
Usage of this script for attacking targets without prior mutual consent is illegal. I am not responsible for any misuse or damage caused by this program. Only use for educational purposes.
TheWebInspector is a cross platform script that works with python 3.x.
git clone https://github.com/0liverFlow/TheWebInspector
cd ./TheWebInspector
pip3 install -r requirements.txt
Then you can run it
python3.x TheWebInspector.py -u url [--followredirects] [-v]
- You don't need administrator privileges to run this script.
- By default, this script doesn't follow redirections. If you want to follow redirections, you need to specify the --followredirects option.
- To get more information, you can use the -v or -vv option which will display more information such as the forms, the sitemap.xml file content.
- If you noticed any bugs, thanks to report here
- For any interesting idea, thanks to ping me at 0liverFlow