[Cansina] Web Content Discovery Application

Monday, November 25, 2013

It takes general available lists of common path and files used by web applications and make URL requests looking back to the server response code. Cansina stores the information in a sqlite database (omitting 404 responses). One for every new url (think this as a kind of projects feature) and the same database for every new payload on the same url.

It aims to be (very) simple and straight to use doing only one thing: Discover content.

The app is far from being finished, probably is poorly coded and I wouldn't recommend it to use in a serious pentesting session.

Lists from fuzzdb are included in this repository for convenience but are not part of the project. You can use whatever list you want.

  • Threads (well, processes)
  • HTTP/S Proxy support (thanks to requests)
  • Data persistance (sqlite3)
  • Support for multiextensions list (-e php,asp,aspx,txt...)
  • Content inspector (will watch for a specific string inside web page content)
  • Skip fake 404 (best as possible)
  • Skip by filtering content
  • Replacing (for URL fuzzing)
  • Reporting tool
  • Basic Authentication

Subscribe via e-mail for updates!