Automating recon can be a useful tool for improving the efficiency, accuracy, scalability, and security of the recon process.

What is Magnify?

A tool for spider multiple URLs & check for sensitive variables in code.

Why?

It is hard to check waybackurls by copy & paste into the browser. Many URLs get 404. Hence, This tool helps to reduce the error links & helps to find sensitive keywords in code.

Usage

Usage: magnify [-u] <url> [-f] <file> [-r] <rate> [-o] <filename>
  -h: Help
  -u --url: URL
  -f --file: Input file containing URLs
  -r --rate: Rate limit in seconds
  -o --output: Output file name/path

Install

git clone https://github.com/heydc7/magnify.git
cd magnify/
python3 main.py -u https://google.com

Example

1. Get all waybackurls of the target

waybackurls target.com | tee Desktop/waybacks.txt

2. Go to the magnify directory

cd Downloads/magnify

3. Pass waybackurls file to magnify with -f or --file flag [required] & save the output in the file with -o or --output flag [optional]

python3 main.py -f ~/Desktop/waybacks.txt -o ~/Desktop/magnify.txt

Also, the rate limit in seconds can be added with the -r or --rate flag.

4. Filter out results with grep

cat Desktop/magnify.txt | grep 200
cat Desktop/magnify.txt | grep 403
cat Desktop/magnify.txt | grep 302

5. Single URL can be passed with -u or --url flag

python3 main.py -u https://target.com/admin.php

6. Check out the result which shows keywords found on the webpage.

(0%) ['https://target.com/?ch=10489', 200, 'AIza', 'appspot', 'auth', 'config', 'firebase', 'internal', 'key', 'login', 'pass', 'password', 'prod', 'user']

Final Thoughts

Magnify scans web content & look out for sensitive keywords. It is time efficient, accurate & scalable. It's open source. Thank you!

https://github.com/heydc7/magnify

Magnify: A recon tool to extract sensitive info

Table of contents