edermi / go-tomcat-mgmt-scanner

A simple scanner to find and brute force tomcat manager logins
MIT License
28 stars 6 forks

IP address range needs to be improved #7

Open ghost opened 5 years ago

ghost commented 5 years ago

IP address range needs to be improved. Different scenarios may be required in a production environment (the target range is limited now). If reading the IP address range from a text file is added, it will be more perfect (single IP or multiple CIDR ranges, similar to nmap's -iL parameter).

edermi commented 5 years ago

The scanner was written for scanning larger networks because other tools had too bad performance, but this is a good point. I may add such a thing in the future.

Note that the scanner actually does the same as Metasploit's auxiliary/scanner/http/tomcat_mgr_login, so if you already have a list of Tomcat servers, you can use the Metasploit module and supply the file as RHOSTS.
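A sketch of the scope-file input requested in this issue (one single IP or CIDR range per line, as with nmap's -iL), added here as an example and not taken from the project's code. The names `ParseTargets` and `maxHosts`, the `#` comment syntax and the host cap are assumptions of this example.

```go
package main

import (
	"bufio"
	"fmt"
	"io"
	"net/netip"
	"strings"
)

// maxHosts is this example's cap, so a typo such as /8 fails early.
const maxHosts = 1 << 16

// ParseTargets reads one IP or CIDR range per line, skipping blanks, '#' comments and duplicates.
func ParseTargets(r io.Reader) ([]netip.Addr, error) {
	var out []netip.Addr
	seen := map[netip.Addr]bool{}
	sc := bufio.NewScanner(r)
	for n := 1; sc.Scan(); n++ {
		line := strings.TrimSpace(sc.Text())
		if line == "" || strings.HasPrefix(line, "#") {
			continue
		}
		p, err := netip.ParsePrefix(line)
		if a, aerr := netip.ParseAddr(line); aerr == nil {
			p, err = netip.PrefixFrom(a, a.BitLen()), nil // single host
		}
		if err != nil {
			return nil, fmt.Errorf("line %d: %q is not an IP or CIDR range", n, line)
		}
		p = p.Masked() // normalise 10.0.0.5/30 to 10.0.0.4/30
		for a := p.Addr(); p.Contains(a); a = a.Next() {
			if seen[a] {
				continue
			}
			if len(out) == maxHosts {
				return nil, fmt.Errorf("line %d: more than %d hosts", n, maxHosts)
			}
			seen[a] = true
			out = append(out, a)
		}
	}
	return out, sc.Err()
}

func main() {
	// Constructed sample input using documentation ranges (RFC 5737).
	in := "# web tier\n192.0.2.10\n198.51.100.0/30\n192.0.2.10\n"
	fmt.Println(ParseTargets(strings.NewReader(in)))
}
```

A malformed line or a range larger than the cap aborts the whole parse, so a bad scope file is rejected before any address is used.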