WEXT

First of all, wext is not a web scanner. It is a simple script that aims to help you while testing HTTP-related stuff, for example during a penetration test or vulnerability assessment. If you have any questions, comments or concerns regarding the wext script, send me an email. Your feedback is always welcome.

Features

You can use wext to perform many tasks, including the following:

wext - website reconnaissance tool
Version 0.1 by Matteo Cantoni
Homepage: http://www.nothink.org

 Usage: wext [options] --url URL

        --url                    target url

        --port                   HTTP server port
        --auth                   HTTP Basic Authentication credentials (username:password)
        --proxy                  use a HTTP proxy to connect to the target url
        --timeout                seconds to wait before timeout connection (default 5)

        --method                 HTTP method (default GET; others are PUT,POST,HEAD,OPTIONS)
        --user-agent             HTTP User-Agent; default is 'Mozilla/5.0 (Windows NT 5.1; rv:14.0) Wext/20100101 Firefox/14.0.1'
        --random-user-agent      use a random User-Agent

        --custom-headers         add custom headers; use '|' as separator for header/value and '||' for multiple headers
        --random-headers         add a random headers with random value (random strings based on a pattern)
        --referer                add a HTTP referer

        --cookies-save-file      save cookies to file
        --optional-content       set optional content (for example a POST payload); should be a string of bytes

        --phone-mask             phone number mask; default is 'x-xxx-xxx-xxxx'

        --dns                    reverse dns, ASN and ASNorg info

        --sqlmap                 specify SQLmap path and process the link with query (set SQLmap into 'Default settings')

        --ssl-verify-hostname    enable hostname verification (default is disabled)
        --ssl-certificate        shows the information about the SSL certificate

        --hide-headers           hide headers
        --hide-comments          hide comments
        --hide-javascripts       hide javascripts
        --hide-objects           hide objects

        --log-xml                enable XML log

        --verbose                enable verbose
        --version                show program's version number and exit
        --help                   show this help message and exit

Download

Version Link
0.1 (2011/11/18) wext-0.1.pl

Notes

--custom-headers : add custom headers (for example a cookie); use '|' as separator for header/value and '||' to separate multiple headers
--random-headers : add random headers with random values (random strings based on a pattern); the headers are provided by Wikipedia and the values come from a pattern using wildcards (see examples)
--optional-content : set optional content (for example a POST payload); should be a string of bytes. 'application/x-www-form-urlencoded' is used as the default content type

Patterns :

c    any lowercase character [a-z]
C    any uppercase character [A-Z]
n    any digit [0-9]
!    a punctuation character [~`!@$%^&*()-_+={}[]|\:;"'.<>?/#,]
.    any of the above
s    a "salt" character [A-Za-z0-9./]
b    any binary data
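
The '|' / '||' header format and the pattern symbols above, as an added Python example (not wext's own code): it splits a --custom-headers string into header/value pairs, rejects CR/LF that would smuggle extra header lines into the request, and expands a pattern using the table's character classes. The function names, and the choice to reject 'b' and unknown symbols, are assumptions of this example.

```python
import secrets
import string

# Character classes copied from the "Patterns" table above.
PUNCT = "~`!@$%^&*()-_+={}[]|\\:;\"'.<>?/#,"
CLASSES = {
    "c": string.ascii_lowercase,
    "C": string.ascii_uppercase,
    "n": string.digits,
    "!": PUNCT,
    "s": string.ascii_letters + string.digits + "./",
}
CLASSES["."] = CLASSES["c"] + CLASSES["C"] + CLASSES["n"] + CLASSES["!"]


def expand_pattern(pattern):
    """Return one random string with a character drawn per pattern symbol."""
    out = []
    for sym in pattern:
        if sym == "b":  # assumption: raw bytes are refused for header values
            raise ValueError("'b' (binary) is not usable in a header value")
        if sym not in CLASSES:
            raise ValueError(f"unknown pattern symbol: {sym!r}")
        out.append(secrets.choice(CLASSES[sym]))
    return "".join(out)


def parse_custom_headers(spec):
    """Split 'Name|value||Name2|value2' into a list of (name, value) pairs."""
    headers = []
    for item in spec.split("||"):
        name, sep, value = item.partition("|")  # only the first '|' separates
        name, value = name.strip(), value.strip()
        if not sep or not name:
            raise ValueError(f"expected 'Header|value', got {item!r}")
        if any(ch in name + value for ch in "\r\n\0"):
            raise ValueError(f"control character in header {name!r}")
        headers.append((name, value))
    return headers


if __name__ == "__main__":
    # Constructed sample input in the format shown in the usage examples.
    spec = "Set-Cookie|name2=value2; Expires=Wed, 09-Jun-2021 10:18:14 GMT||SecureCheck|value=1"
    for name, value in parse_custom_headers(spec):
        print(f"{name}: {value}")
    print("X-Test:", expand_pattern("CCnnn"))
```

A value may contain a single '|' (only the first one splits name from value), but a literal '||' inside a value cannot be expressed in this format.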

Usage examples

* Examine https://www.example.com via a web proxy
wext.pl --url https://www.example.com --proxy http://1.2.3.4:8080

* Examine http://www.example.com/?tab=w1&gl=IT specifying HTTP Basic Authentication credentials
wext.pl --url 'http://www.example.com?tab=w1&gl=IT' --auth 'username:password'

* Examine http://www.example.com specifying a custom cookie
wext.pl --url http://www.example.com --custom-headers "Set-Cookie|name2=value2; Expires=Wed, 09-Jun-2021 10:18:14 GMT"

* Examine http://www.example.com specifying a custom cookie and an additional custom header, SecureCheck
wext.pl --url http://www.example.com --custom-headers "Set-Cookie|name2=value2; Expires=Wed, 09-Jun-2021 10:18:14 GMT||SecureCheck|value=1"

* Examine http://www.example.com, with reverse DNS, ASN and ASNorg info, and show the information about the SSL certificate
wext.pl --url http://www.example.com --dns --ssl-certificate

* Examine http://www.example.com specifying HTTP Basic credentials, POST payload, random user-agent, language
wext.pl --url http://www.example.com --verbose --auth username:password --method POST --optional-content 'parameter=teststring' --random-user-agent

* Examine http://www.example.com specifying a cookie and a random header with a pattern of 2 random printable characters, 3 random digits and 4 random "word" characters
wext.pl --url http://www.example.com --custom-headers "Set-Cookie|name2=value2;" --random-headers "..\\d\\d\\d\\w{4}"

* Examine http://www.example.com and automatically pass links with a query string to SQLmap (installed separately). Set SQLmap options (proxy, referer, etc.) in 'Default settings'
wext.pl --url http://www.example.com/ --sqlmap "/software/sql/sqlmap/sqlmap.py" --verbose

* Examine http://www.example.com and hide javascript and headers in the output
wext.pl --url http://www.example.com/test.html --hide-javascripts --hide-headers

* Examine http://www.example.com and save the output to an XML log
wext.pl --url http://www.example.com/test.html --log-xml output.xml

Disclaimer

wext should not be used against machines you do not own or administer. This tool might create IDS warnings. The author can't be held responsible for the use and/or misuse of this program.

Contact

Please send your feedback to Matteo Cantoni matteo.cantoni@nothink.org.