{"id":48289416,"url":"https://github.com/dreizehnutters/vide","last_synced_at":"2026-04-04T23:01:33.421Z","repository":{"id":113548627,"uuid":"590645691","full_name":"dreizehnutters/vide","owner":"dreizehnutters","description":"Minimal web server enumeration \u0026 attack surface detection tool based on results of nmap.","archived":false,"fork":false,"pushed_at":"2024-09-17T19:10:29.000Z","size":8509,"stargazers_count":38,"open_issues_count":0,"forks_count":3,"subscribers_count":2,"default_branch":"main","last_synced_at":"2024-09-17T23:40:44.247Z","etag":null,"topics":["attack-surface","autorecon","ctf","enumeration-tool","pentest-tool","pentesting","recon","vide"],"latest_commit_sha":null,"homepage":"https://gist.github.com/dreizehnutters/5c315b2088a1666ff877c3cea363d775","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dreizehnutters.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-01-18T21:55:39.000Z","updated_at":"2024-09-17T19:10:33.000Z","dependencies_parsed_at":"2024-09-17T23:06:48.317Z","dependency_job_id":null,"html_url":"https://github.com/dreizehnutters/vide","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/dreizehnutters/vide","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dreizehnutters%2Fvide","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dreizehnutters%2Fvide/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dreizehnutters%2Fvide/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dreizehnutters%2Fvide/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dreizehnutters","download_url":"https://codeload.github.com/dreizehnutters/vide/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dreizehnutters%2Fvide/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31418287,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-04T20:09:54.854Z","status":"ssl_error","status_checked_at":"2026-04-04T20:09:44.350Z","response_time":60,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["attack-surface","autorecon","ctf","enumeration-tool","pentest-tool","pentesting","recon","vide"],"created_at":"2026-04-04T23:01:28.315Z","updated_at":"2026-04-04T23:01:33.336Z","avatar_url":"https://github.com/dreizehnutters.png","language":"Shell","readme":"# vide.sh\n\nTool to probe and crawl targets and enumerate their attack surface using varous engines. \nInputs can be:\n* `.xml` files generated by `nmap`\n   - `vide.sh nmap -sc -sp -eu -ew`\n* a list of targets\n    - `vide.sh scope.txt -sp -sc -ev`\n* stdin\n    - `echo example.com | vide.sh -sp -es --config custom.sh`\n* direct\n    - `vide.sh \"10.0.13.37:8443\" -el`\n\n```\n      _______________\n  ==c(___(o(______(_()\n          \\=\\\n           )=\\    ┌─────────────────────────~vide~────┐\n          //|\\\\   │ attack surface enumeration        │\n         //|| \\\\  │ version: 2.2                      │\n        // ||. \\\\ └─────────────────@dreizehnutters───┘\n      .//  ||   \\\\ .\n      //  .      \\\\ \n```\nThis is yet another ctf/engagement automation tool, born out of curiosity and boredom. This tool was inspired by [six2dez/reconftw](https://github.com/six2dez/reconftw).\n\n---\n\n## Usage\n\n```txt\nUsage: vide.sh input [mods] [options] [misc]\n\nRequired:\n    input   Specify an input format (e.g., file/path, string or stdin)\n\nMods:\n    -sp     Skip probing with httpx\n    -sc     Skip crawling with katana\n\nOptions:\n    -es     Enable screenshot\n    -ew     Enable whatweb scans\n    -ea     Enable wanalyze scans\n    -en     Enable nmap script scans\n    -eu     Enable nuclei scans\n    -ei     Enable nikto scans\n    -ef     Enable ffuf brute forcing\n    -ev     Enable virtual host header fuzzing\n    -ej     Enable js crawl\n    -eb     Enable bypass scans\n    -el     Enable testssl.sh scans\n    -eh     Enable ssh-audit scans\n\nMisc:\n    -h|--help                  Show this message\n    -c|--config  \u003cconfig.sh\u003e   Config file to pass (default: custom.sh)\n    -o|--out-dir \u003cpath\u003e        Out-dir to work in (default: $PWD)\n    --verify                   Check configuration file (default: config.sh)\n\nExample:\n    # skip crawl, skip probing, do virtual host header scan on a list of targets\n    vide.sh scope.txt -sp -sc -ev\n    # skip crawl, do nuclei, do whatweb on nmap output directory\n    vide.sh nmap -sc -eu -ew\n    # with config skip probing, do screenshot on stdin (default to HTTP)\n    echo example.com | vide.sh -sp -es --config custom.sh\n    # ssl scan on target\n    vide.sh '10.0.13.37:8443' -el\n    # verify current config.sh\n    vide.sh --verify\n```\n\n## Example\n\n[![CLI\ndemo](https://miro.medium.com/v2/resize:fit:4800/format:webp/1*37G-LKGZgEAx-0JFcn4fKw.gif)](https://miro.medium.com/v2/resize:fit:4800/format:webp/1*37G-LKGZgEAx-0JFcn4fKw.gif)\n\n```bash\n# skip crawling, do httpX screenshots and WhatWeb scans on nmap -oX data\n$ vide.sh nmap -sc -es -ew\n[...]\n\n$ tree .\n├── nmap\n│   └── init.xml\n└── vide_runs\n    └── vide_22.02_23301708641003\n        ├── host_port.txt\n        ├── http_servers.txt\n        ├── https_servers.txt\n        ├── httpx\n        │   └── scan.log\n        ├── screenshots\n        │   ├── response\n        │   │   ├── 192.168.42.131\n        │   │   │   └── 628362c5635403dbffbf03eb624e464b50915bc4.txt\n        │   │   └── index.txt\n        │   └── screenshot\n        │       ├── 192.168.42.131\n        │       │   └── 628362c5635403dbffbf03eb624e464b50915bc4.png\n        │       ├── index_screenshot.txt\n        │       └── screenshot.html\n        ├── vide.log\n        ├── vide_targets.txt\n        └── whatweb\n            ├── brief_all.log\n            ├── brief.log\n            ├── deep_all.log\n            └── deep.log\n```\n\n---\n\n## Installation\n\nThe installtion and maintance of used modules by `vide.sh` is left to the user\n\n```bash\n$ git clone https://github.com/dreizehnutters/vide\n$ cd vide\n$ ln -s $(pwd)/vide.sh ~/.local/bin/vide.sh\n$ vide.sh --verify\n```\n---\n\n## Configuration \n\nOne has to edit the `config.sh` to adjust the location of used binaries and configure extra parameter about each engine\n\n```bash\ncat config.sh| head -n15\n# ---= bins =--- #CHANGE ME\nNMAP=/usr/bin/nmap\nXMLS=/usr/bin/xmlstarlet\nNIKTO=/usr/bin/nikto\nWW=/usr/bin/whatweb\nWA=/usr/local/bin/webanalyze\nSMBMAP=/usr/bin/smbmap\nENUM4LINUX=$PY_PATH/enum4linux-ng.py\nFFUF=$GO_PATH/bin/ffuf\nBYP4=$GO_PATH/bin/byp4xx\nSUBJS=$GO_PATH/bin/subjs\nHTTPX=$HOME/.pdtm/go/bin/httpx\nNUCLEI=$HOME/.pdtm/go/bin/nuclei\nKATANA=$HOME/.pdtm/go/bin/katana\n```\n\n```bash\n# check the current configuration\n$ vide.sh --verify\n```\n---\n\n## Scanning Engines\n|Software|Version|Install|\n|-|-|-|\n|`xmlstarlet`| \u003e= `1.6.1`| [XML parsing](https://xmlstar.sourceforge.net)|\n|`httpx`| \u003e= `1.2.5`| [server probing](https://github.com/projectdiscovery/httpx)|\n|`katana`| \u003e= `1.0.0`| [crwaling](https://github.com/projectdiscovery/katana)|\n|`whatweb`| \u003e= `0.5.5`| [tech discovery ](https://github.com/urbanadventurer/WhatWeb)|\n|`webanalyze`| \u003e= `0.3.8`| [tech discovery](https://github.com/rverton/webanalyze)|\n|`nuclei`| \u003e= `2.8.9`| [web server scanning](https://github.com/projectdiscovery/nuclei)|\n|`nikto`| \u003e= `2.5.0`| [web server scanning](https://github.com/sullo/nikto)|\n|`ffuf`| \u003e= `2.0.0`| [directory brute forcing](https://github.com/ffuf/ffuf)|\n|`byp4xx`| \u003e= `b337580`| [bypass checks](https://github.com/lobuhi/byp4xx)|\n|`subjs`| \u003e= `1.0.0`| [crawling js](https://github.com/lc/subjs)|\n|`enum4linux-ng.py`| \u003e= `1.3.1`| [windows enumeration  ](https://github.com/cddmp/enum4linux-ng)|\n|`smbmap`| \u003e= `1.9.1`| [smb enumeration](https://github.com/ShawnDEvans/smbmap)|\n|`nmap`| \u003e= `7.94`| [extended script scans](https://github.com/nmap/nmap)|\n|`testssl.sh`| \u003e= `3.2rc3`| [SSL compliance scans](https://testssl.sh/)|\n|`ssh-audit`| \u003e= `3.1.0`| [SSH compliance scans](https://pypi.org/project/ssh-audit/)|\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdreizehnutters%2Fvide","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdreizehnutters%2Fvide","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdreizehnutters%2Fvide/lists"}