Screenshots
Example Usage
flowchart LR
    START["开始扫描"]
    
    subgraph STAGE1["阶段 1: 资产发现"]
        direction TB
        SUB["子域名发现<br/>subfinder, amass, puredns"]
        PORT["端口扫描<br/>naabu"]
        SITE["站点识别<br/>httpx"]
        FINGER["指纹识别<br/>xingfinger"]
        SUB --> PORT --> SITE --> FINGER
    end
    
    subgraph STAGE2["阶段 2: 深度分析"]
        direction TB
        URL["URL 收集<br/>waymore, katana"]
        DIR["目录扫描<br/>ffuf"]
        SCREENSHOT["站点截图<br/>playwright"]
    end
    
    subgraph STAGE3["阶段 3: 安全检测"]
        VULN["安全检测<br/>nuclei, dalfox"]
    end
    
    FINISH["扫描完成"]
    
    START --> STAGE1
    FINGER --> STAGE2
    STAGE2 --> STAGE3
    STAGE3 --> FINISH
    
    style START fill:#34495e,stroke:#2c3e50,stroke-width:2px,color:#fff
    style FINISH fill:#27ae60,stroke:#229954,stroke-width:2px,color:#fff
    style STAGE1 fill:#3498db,stroke:#2980b9,stroke-width:2px,color:#fff
    style STAGE2 fill:#9b59b6,stroke:#8e44ad,stroke-width:2px,color:#fff
    style STAGE3 fill:#e67e22,stroke:#d35400,stroke-width:2px,color:#fff
    style SUB fill:#5dade2,stroke:#3498db,stroke-width:1px,color:#fff
    style PORT fill:#5dade2,stroke:#3498db,stroke-width:1px,color:#fff
    style SITE
See also
Retire.js
Open Source

Detects the use of JavaScript libraries with known vulnerabilities. Available as a CLI tool, browser…
JWT_Tool
Open Source

Toolkit for testing, tampering, and forging JSON Web Tokens. Tests common JWT vulnerabilities includ…
365
Free

BlueTeam, RedTeam, Bug bounty, CTI, OSINT, Threat Hunting, Network and Web Recon, Discovery, Enumera…
Pentest-Swarm-AI
Open Source

Autonomous penetration testing using a swarm of AI agents. Orchestrates recon, classification, explo…
Burp Suite Extensions (BApp Store)
Freemium

Marketplace of extensions for Burp Suite covering active/passive scanning, custom insertion points, …
EyeWitness
Open Source Kali

Takes screenshots of web pages, RDP, and VNC services. Reports on default credentials and interestin…