CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to mimic an HTTP server and a DNS server, providing complete responses and valuable insights during your testing process.
- Simulate an HTTP server and a DNS server for comprehensive web application testing
- Capture and log all incoming requests to analyze the requested resource and user agent information
- Identify false positives and distinguish genuine vulnerabilities
- Discover hidden vulnerabilities by examining requested resource paths and file names
- Monitor and analyze HTTP and DNS logs simultaneously with the multitail utility
- Improve the overall effectiveness of your web application testing
- Choose a domain name for your testing environment.
- Set up a remote server and obtain a public IP address for it.
- Register your name servers to point to the public IP address.
- Create glue records to associate the IP address with your remote server.
- Ensure that ports 80 and 53 are available on the remote server.
- Compile and run CoWitness on the remote server.
- Monitor the HTTP log and DNS log simultaneously using multitail in your terminal.
We welcome contributions and feedback from the community. If you encounter any issues or have suggestions for improvements, please open an issue or submit a pull request on our GitHub repository.
CoWitness is released under the MIT License.