RedSiege / EyeWitness

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
https://www.christophertruncer.com/eyewitness-usage-guide/
GNU General Public License v3.0

Feature idea, grab favicon #532

Open digininja opened 3 years ago

digininja commented 3 years ago

It would be a bit of extra work, but grabbing the favicon and including it with the report might be quite useful when the screenshot itself is rubbish because the page hasn't fully rendered by the time the shot is taken.

digininja commented 3 years ago

Just got a perfect example, VMware ESXi rarely gives a screenshot but I recognise the favicon once the page starts loading.

mattgrandy commented 3 years ago

That's a good idea, I think we can add that in when we get some time to work on this.

TheProdigyLeague commented 1 year ago

@mattgrandy your issue is still open, sir.

Relkci commented 5 months ago

Is there use in saving the favicon image to the folder, or just as bytes in the database + image src bytes in HTML? Typically favicons are quite small in size.

digininja commented 5 months ago

I still think it is worth doing.


Relkci commented 4 months ago

Brainstorming this:

Selenium doesn't have a method for this, so that's out.

Logic would look like inspecting the resulting page-source for the favicon link. If it didn't exist, we'd check if the fallback url exists (http 200).

If either exists, we'd save the file (probably as base64) to the http_object object and just base64 image-inline it in the report later on.

If we later on want to use the favicon for categorization, we can hash the base64 and create a method for checking for known hashes.
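
A sketch of the flow brainstormed in the comment above, as an added example that is not part of the thread and not EyeWitness code: look for the icon link in the page source, fall back to `/favicon.ico`, then keep the image as base64 with a hash and an inline `<img>` tag. The function names, the caller-supplied `fetch(url)` hook, the size cap, the magic-byte check and the choice to hash the raw bytes with SHA-256 (rather than the base64 string) are all assumptions.

```python
import base64
import hashlib
from html.parser import HTMLParser
from urllib.parse import urljoin

MAX_ICON_BYTES = 256 * 1024  # assumed cap: the scanned host controls this content
# Leading bytes of the image formats accepted for inlining (assumed allow-list).
MAGIC = {b"\x89PNG\r\n\x1a\n": "image/png", b"\x00\x00\x01\x00": "image/x-icon",
         b"GIF8": "image/gif", b"\xff\xd8\xff": "image/jpeg"}

class _IconLinks(HTMLParser):
    """Collect href values of <link> tags whose rel list contains 'icon'."""
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        rels = (a.get("rel") or "").lower().split()
        if tag == "link" and "icon" in rels and a.get("href"):
            self.hrefs.append(a["href"])

def candidate_urls(page_source, page_url):
    """Icons declared in the page first, then the /favicon.ico fallback."""
    parser = _IconLinks()
    parser.feed(page_source)
    urls = [urljoin(page_url, h) for h in parser.hrefs]
    fallback = urljoin(page_url, "/favicon.ico")
    return urls + ([fallback] if fallback not in urls else [])

def grab_favicon(page_source, page_url, fetch):
    """fetch(url) -> (status, body_bytes) is a hypothetical hook supplied by the caller."""
    for url in candidate_urls(page_source, page_url):
        if not url.startswith(("http://", "https://")):
            continue  # a scanned page must not steer the fetcher to file:, data:, etc.
        status, body = fetch(url)
        if status != 200 or not body or len(body) > MAX_ICON_BYTES:
            continue
        # Decide the type from magic bytes, not the target's Content-Type header,
        # so an HTML error page served with a 200 is never inlined into the report.
        mime = next((m for sig, m in MAGIC.items() if body.startswith(sig)), None)
        if mime is None:
            continue
        b64 = base64.b64encode(body).decode("ascii")
        # mime comes from the fixed table and b64 is base64 text, so the tag needs no escaping.
        return {"url": url, "mime": mime, "b64": b64,
                "sha256": hashlib.sha256(body).hexdigest(),
                "img_tag": f'<img src="data:{mime};base64,{b64}" alt="favicon">'}
    return None
```

The returned `sha256` is the value a later known-favicon lookup would key on; SVG icons are rejected here because they do not match the allow-list.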

digininja commented 4 months ago

Sounds good to me.
