WEBshot - Web page capturing tool

Kavishka Gihan
4 min readAug 23, 2021

--

WEBshot is an automated tool that allows you to capture screenshots of web pages without visiting them. This tool is fully written in Python and made use of the “Selenium” Browser Automation Project.

If you are a Bug hunter or a CTF player who often works with big web applications, this tool can save you a lot of time. You can let this run in the background and focus on the custom exploitation.

Installation

You can clone the repository from my GitHub.

You can clone it and install the dependencies with this.

git clone https://github.com/kavishkagihan/WEBshot.git
cd WEBshot && chmod +x install.sh
./install.sh

Usage

You can use the -h or --help option to view the help menu.

The simplest usage would be to specify a file with the list of URLs you want to capture with -f or --file option.

./WEBshot -f hosts

This will start capturing images of the URLs provided in the file you specify. Also if you want to, you can redirect the standard input and run it.

cat hosts|./WEBshot

By default, it will use the Firefox driver. If you want to use the chrome driver, you can use -C or the --chrome option.

Once it’s done, a directory called “output” (you can change the name you needed) should be created.

The “ss” directory which is inside that folder contains the screenshots that were captured.

Also, this tool will automatically generate a report with a summary of the information. You can start a server in the output directory to see the report.

cd output; python3 -m http.server 8000

Or you can use the --server option to start a server after the capturing is done.

./WEBshot -f hosts --server

According to the default configuration, the HTTP server will start on port 81, which can be changed. Then you can view the report by just visiting that address.

Here you can see a summarized table of the URL, Title, and the captured screenshot of the web pages.

In some cases, if you don’t want a report, you can use the --noreport option to skip making a report. Note that the --server option is available only if the --noreport is disabled.

Also, if you need live results to be displayed on the console, you can use the -v or --verbose option.

As you can see, this provides some additional information such as the path of the PNG file, the Size, and the Cookies about the page while the capturing process is going.

Configuration

In the WEbshot file itself, you will see a Config section at the top. You can change those values however you want.

OUT_DIR is the output directory and the SS_DIR is the directory in which the captured images are saved. In case, if you want to change the size of the images that appear in the report you can do that by changing the IMG_WIDTH and IMG_HEIGHT values.

Notice: If you wish to change these values, make sure to apply the corresponding changes to the index.html.tmp file in the assets directory as well.

Finally, the SRV_ADDR and the SRV_PORT defines the IP address and the port where the HTTP server is going to start when the --server option is used.

Custom drivers

As I mentioned earlier, this will use the Firefox driver by default. Also, you can use the --chrome option to use the chrome drivers. The specific drivers for these browsers are included in the GitHub repo itself. But if you want to install any other driver that is compatible with your system, you can install them from here.

After you install them, in order to use them you have to do the following changes.

  1. First, you have to set the CUSTOM_DRIVER to True.
  2. Then you have to set the path to the driver file in the DRIVER_PATH.

Contact me

If you have any questions regarding this, you can reach me on Gmail and Instagram.

Email — iamkavigihan@gmail.com
Instagram — @_kavigihan

--

--

Kavishka Gihan

Cyber Security Student | Machine author @hackthebox | find me on instagram @_kavi.gihan