Automating recon can be a useful tool for improving the efficiency, accuracy, scalability, and security of the recon process.
What is Magnify?
A tool for spider multiple URLs & check for sensitive variables in code.
Why?
It is hard to check waybackurls by copy & paste into the browser. Many URLs get 404. Hence, This tool helps to reduce the error links & helps to find sensitive keywords in code.
Usage
Usage: magnify [-u] <url> [-f] <file> [-r] <rate> [-o] <filename>
-h: Help
-u --url: URL
-f --file: Input file containing URLs
-r --rate: Rate limit in seconds
-o --output: Output file name/path
Install
git clone https://github.com/heydc7/magnify.git
cd magnify/
python3 main.py -u https://google.com
Example
1. Get all waybackurls of the target
waybackurls target.com | tee Desktop/waybacks.txt
2. Go to the magnify directory
cd Downloads/magnify
3. Pass waybackurls file to magnify with -f or –file flag [required] & save the output in the file with -o or –output flag [optional]
python3 main.py -f ~/Desktop/waybacks.txt -o ~/Desktop/magnify.txt
Also, the rate limit in seconds can be added with the -r or –rate flag.
4. Filter out results with grep
cat Desktop/magnify.txt | grep 200
cat Desktop/magnify.txt | grep 403
cat Desktop/magnify.txt | grep 302
5. Single URL can be passed with -u or –url flag
python3 main.py -u https://target.com/admin.php
6. Check out the result which shows keywords found on the webpage.
(0%) ['https://target.com/?ch=10489', 200, 'AIza', 'appspot', 'auth', 'config', 'firebase', 'internal', 'key', 'login', 'pass', 'password', 'prod', 'user']
Final Thoughts
Magnify scans web content & look out for sensitive keywords. It is time efficient, accurate & scalable. It’s open source. Thank you!