{"id":13538917,"url":"https://github.com/1n3/blackwidow","last_synced_at":"2025-04-13T19:18:51.445Z","repository":{"id":40571967,"uuid":"116507869","full_name":"1N3/BlackWidow","owner":"1N3","description":"A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.","archived":false,"fork":false,"pushed_at":"2024-11-24T20:19:19.000Z","size":214,"stargazers_count":1602,"open_issues_count":3,"forks_count":362,"subscribers_count":60,"default_branch":"master","last_synced_at":"2025-04-06T17:01:32.210Z","etag":null,"topics":["active","application","automated","bugbounty","csrf","fuzzer","lfi","osint","owasp","passive","python","rce","rfi","scan","scanner","spider","sqli","vulnerability","web","xss"],"latest_commit_sha":null,"homepage":"https://sn1persecurity.com","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/1N3.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-01-06T18:58:30.000Z","updated_at":"2025-04-05T16:06:26.000Z","dependencies_parsed_at":"2024-12-21T22:02:07.367Z","dependency_job_id":"98a9854b-d4b2-46a9-90c6-71afbe181761","html_url":"https://github.com/1N3/BlackWidow","commit_stats":{"total_commits":47,"total_committers":14,"mean_commits":3.357142857142857,"dds":0.6808510638297872,"last_synced_commit":"e5ca5f8d8c65669b2b009dace7b09dd812375754"},"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/1N3%2FBlackWidow","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/1N3%2FBlackWidow/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/1N3%2FBlackWidow/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/1N3%2FBlackWidow/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/1N3","download_url":"https://codeload.github.com/1N3/BlackWidow/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248766713,"owners_count":21158302,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["active","application","automated","bugbounty","csrf","fuzzer","lfi","osint","owasp","passive","python","rce","rfi","scan","scanner","spider","sqli","vulnerability","web","xss"],"created_at":"2024-08-01T09:01:17.669Z","updated_at":"2025-04-13T19:18:51.408Z","avatar_url":"https://github.com/1N3.png","language":"Python","funding_links":[],"categories":["\u003ca id=\"683b645c2162a1fce5f24ac2abfa1973\"\u003e\u003c/a\u003e漏洞\u0026\u0026漏洞管理\u0026\u0026漏洞发现/挖掘\u0026\u0026漏洞开发\u0026\u0026漏洞利用\u0026\u0026Fuzzing","\u003ca id=\"170048b7d8668c50681c0ab1e92c679a\"\u003e\u003c/a\u003e工具"],"sub_categories":["功能","\u003ca id=\"05ab1b75266fddafc7195f5b395e4d99\"\u003e\u003c/a\u003e未分类-OSINT"],"readme":"![alt tag](https://github.com/1N3/BlackWidow/blob/master/blackwidowlogo.png)\n\n## ABOUT:\nBlackWidow is a python based web application spider to gather subdomains, URL's, dynamic parameters, email addresses and phone numbers from a target website. This project also includes Inject-X fuzzer to scan dynamic URL's for common OWASP vulnerabilities.\n\n## DEMO VIDEO:\n[![BlackWidow Demo](https://i.ytimg.com/vi/mch8ht47taY/hqdefault.jpg)](https://www.youtube.com/watch?v=mch8ht47taY)\n\n## FEATURES:\n- [x] Automatically collect all URL's from a target website\n- [x] Automatically collect all dynamic URL's and parameters from a target website\n- [x] Automatically collect all subdomains from a target website\n- [x] Automatically collect all phone numbers from a target website\n- [x] Automatically collect all email addresses from a target website\n- [x] Automatically collect all form URL's from a target website\n- [X] Automatically scan/fuzz for common OWASP TOP vulnerabilities\n- [x] Automatically saves all data into sorted text files\n\n## LINUX INSTALL:\n```\nsudo bash install.sh\n```\n\n## USAGE:\n```\nblackwidow -u https://target.com - crawl target.com with 3 levels of depth.\nblackwidow -d target.com -l 5 -v y - crawl the domain: target.com with 5 levels of depth with verbose logging enabled.\nblackwidow -d target.com -l 5 -c 'test=test' - crawl the domain: target.com with 5 levels of depth using the cookie 'test=test'\nblackwidow -d target.com -l 5 -s y -v y - crawl the domain: target.com with 5 levels of depth and fuzz all unique parameters for OWASP vulnerabilities with verbose logging on.\ninjectx.py -u https://test.com/uers.php?user=1\u0026admin=true -v y - Fuzz all GET parameters for common OWASP vulnerabilities with verbose logging enabled.\n```\n\n## SAMPLE REPORT:\n![alt tag](https://github.com/1N3/BlackWidow/blob/master/blackwidow-report1.png)\n\n## DOCKER:\n```bash\ngit clone https://github.com/1N3/BlackWidow.git\ncd BlackWidow\ndocker build -t blackwidow .\ndocker run -it blackwidow # Defaults to --help\n\n```\n\n## LICENSE:\nYou may modify and re-distribute this software as long as the project name \"BlackWidow\", credit to the author \"xer0dayz\" and website URL \"https://sn1persecurity.com\" are NOT mofified. Doing so will break the license agreement and a takedown notice will be issued. \n\n## DISCLAIMER:\nThis program is used for educational and ethical purposes only. I take no responsibility for any damages caused from using this program. By downloading and using this software, you agree that you take full responsibility for any damages and liability.\n\n## LINKS:\n- [Twitter](https://www.twitter.com/xer0dayz \"Personal Twitter\")\n- [Twitter](https://www.twitter.com/sn1persecurity \"Company Twitter\")\n- [Website](https://sn1persecurity.com \"Sn1perSecurity\")","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F1n3%2Fblackwidow","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F1n3%2Fblackwidow","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F1n3%2Fblackwidow/lists"}