sensepost / gowitness

🔍 gowitness - a golang, web screenshot utility using Chrome Headless
GNU General Public License v3.0

Use domain name on nmap scan and not IP #141

Closed mpgn closed 2 years ago

mpgn commented 2 years ago

Is your feature request related to a problem? Please describe. When I pass a nmap file to gowitness, it will scan using the IP address and not the vhost / domain name, which can lead to wrong results if a vhost is configured on the remote server.

Nmap scan report for admin.demo.local (10.10.10.1)
Host is up (0.019s latency).
Not shown: 918 filtered tcp ports (no-response), 75 filtered tcp ports (host-unreach)
PORT     STATE  SERVICE
80/tcp   open   http
443/tcp  open   https

Gowitness will screenshot on http://10.10.10.1 and not http://admin.demo.local

Describe the solution you'd like An option to select if we want to use the domain name from the xml instead of the IP

Describe alternatives you've considered Using EyeWitness because it can perform DNS resolution

leonjza commented 2 years ago

Just realised, we have a flag called --scan-hostnames / -N flag on the nmap command already for exactly that reason. Try gowitness nmap --help for details.
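As an added illustration of the behaviour the hostname flag is meant to give (example code written for this page, not gowitness's own implementation; the nmap XML below is a constructed sample modelled on the scan report in the issue, and BuildTargets, pickHost and webScheme are hypothetical names): parse the nmap XML, keep only open TCP ports that look like web services, and build each URL from the recorded hostname when one exists, falling back to the IP address otherwise. Using the hostname is what makes a name-based virtual host answer with the right site instead of the server default.

```go
package main

import (
	"encoding/xml"
	"fmt"
	"strings"
)

// Minimal view of the nmap XML schema: only the elements needed to turn
// a scan into a list of web targets.
type nmapRun struct {
	Hosts []nmapHost `xml:"host"`
}

type nmapHost struct {
	Status struct {
		State string `xml:"state,attr"`
	} `xml:"status"`
	Addresses []struct {
		Addr     string `xml:"addr,attr"`
		AddrType string `xml:"addrtype,attr"`
	} `xml:"address"`
	Hostnames []struct {
		Name string `xml:"name,attr"`
	} `xml:"hostnames>hostname"`
	Ports []struct {
		Protocol string `xml:"protocol,attr"`
		PortID   int    `xml:"portid,attr"`
		State    struct {
			State string `xml:"state,attr"`
		} `xml:"state"`
		Service struct {
			Name   string `xml:"name,attr"`
			Tunnel string `xml:"tunnel,attr"`
		} `xml:"service"`
	} `xml:"ports>port"`
}

// SampleNmapXML is a constructed scan with one host that has a reverse
// name (as in the issue) and one that has none, plus non-web ports.
const SampleNmapXML = `<?xml version="1.0"?>
<nmaprun scanner="nmap">
  <host><status state="up"/>
    <address addr="10.10.10.1" addrtype="ipv4"/>
    <hostnames><hostname name="admin.demo.local" type="PTR"/></hostnames>
    <ports>
      <port protocol="tcp" portid="80"><state state="open"/><service name="http"/></port>
      <port protocol="tcp" portid="443"><state state="open"/><service name="https" tunnel="ssl"/></port>
    </ports>
  </host>
  <host><status state="up"/>
    <address addr="10.10.10.2" addrtype="ipv4"/>
    <hostnames/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
      <port protocol="tcp" portid="8080"><state state="filtered"/><service name="http-proxy"/></port>
      <port protocol="tcp" portid="8443"><state state="open"/><service name="https-alt"/></port>
    </ports>
  </host>
</nmaprun>`

// BuildTargets returns one URL per open TCP web port of every host that is up.
// With preferHostnames set, a host's recorded name is used when nmap has one;
// otherwise (or when no name was recorded) the IP address is used.
func BuildTargets(xmlData []byte, preferHostnames bool) ([]string, error) {
	var run nmapRun
	if err := xml.Unmarshal(xmlData, &run); err != nil {
		return nil, fmt.Errorf("parse nmap xml: %w", err)
	}
	var targets []string
	for _, h := range run.Hosts {
		if h.Status.State != "up" {
			continue
		}
		host := pickHost(h, preferHostnames)
		if host == "" {
			continue
		}
		for _, p := range h.Ports {
			if p.Protocol != "tcp" || p.State.State != "open" {
				continue
			}
			if scheme, ok := webScheme(p.Service.Name, p.Service.Tunnel, p.PortID); ok {
				targets = append(targets, fmt.Sprintf("%s://%s:%d", scheme, host, p.PortID))
			}
		}
	}
	return targets, nil
}

// pickHost prefers the first recorded hostname, else the first IPv4/IPv6
// address (IPv6 bracketed so it is valid inside a URL authority).
func pickHost(h nmapHost, preferHostnames bool) string {
	if preferHostnames {
		for _, hn := range h.Hostnames {
			if hn.Name != "" {
				return hn.Name
			}
		}
	}
	for _, a := range h.Addresses {
		switch a.AddrType {
		case "ipv4":
			return a.Addr
		case "ipv6":
			return "[" + a.Addr + "]"
		}
	}
	return ""
}

// webScheme decides whether a port deserves a screenshot and which scheme to
// use: https for SSL-tunnelled or https-named services and the usual TLS ports,
// http for other http-like services and the usual plaintext ports.
func webScheme(service, tunnel string, port int) (string, bool) {
	switch {
	case tunnel == "ssl" || strings.HasPrefix(service, "https") || port == 443 || port == 8443:
		return "https", true
	case strings.HasPrefix(service, "http") || port == 80 || port == 8080:
		return "http", true
	}
	return "", false
}

func main() {
	for _, byName := range []bool{true, false} {
		targets, err := BuildTargets([]byte(SampleNmapXML), byName)
		if err != nil {
			panic(err)
		}
		fmt.Printf("preferHostnames=%v: %v\n", byName, targets)
	}
}
```

Hosts without a reverse name fall back to their address in both modes, so enabling hostname preference never drops a target; it only changes which Host header the screenshot request carries for hosts that nmap managed to name.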