lostrabbitlabs

WisQuas Engine – Digital Footprint Discovery and Asset Analysis Crawler

In order to properly provide situational awareness around all digital assets belonging to a domain, we have created a custom web crawler, focused on detecting common security misconfigurations, the presence of suspicious or leaked data, and missing controls and protections. The WisQuas Engine attempts to reveal that which may be hidden, through slight fuzzing, enumeration, and fingerprinting around your entire domain and its web services.

Using a handful of nominal web requests, WisQuas Engine attempts to identify areas of weakness around serious Information Disclosures, Security and Service Misconfigurations, Default Installations, and Missing Input Sanitization. Hidden web containers, granting access to Shadow VHosts and localhost data, are detected along with WAF bypassing payloads, Host Header Manipulations, successful VERB Tampering, and User Agent redirection. DNS anomalies and Domain Shadowing may also be detected across a domain.

In addition, full ‘Digital Footprint Discovery and Inventory’ across a domain is performed for completeness. Our WisQuas Engine has proved to be extremely beneficial for performing OSINT, Penetration Testing, and supporting the VCISO (Virtual CISO) role and function, by providing situational awareness around all managed domains within an organization.

How does it work?
​​​​​WisQuas will perform the following functions around a provided domain name…
  • Resolve hostnames to IP addresses
  • Perform ASN lookup on IP address to provide ownership info and geo/location info
  • Perform subdomain enumeration and lookups
  • Perform WHOIS lookup on domain name
  • Reverse look-ups are performed on all WHOIS attributes
  • Reputation and classification look-ups are performed on all subdomains and IP addresses
  • Inventory and storage performed on all received headers, cookies, and meta-data (no content/request data is stored)
  • Original URL request is ‘base-lined’ to be compared to all other requests
  • Tactical fuzzing and enumeration across entire domain performed to generate unique errors and reveal layered web services
  • Inspection of robots.txt file if available
  • Enumerate through possible HTTP Verbs
  • Perform Host Header Manipulation to detect additional accessible containers
  • Catalog and store all digital assets in searchable database.

Building a haystack of digital inventory for further analysis.

Once all crawls have completed you may now search all saved data using our custom Rabbit Query Language (RQL).

RQL is Lucene based, with some additional custom search parameters and scoring methods (more info below) to increase likelihood of retrieving legitimate findings versus false positive findings. Our goal is to decrease noise-to-signal ratio, and increase the amount of actionable intelligence provided by WisQuas.

WisQuas Engine – Rabbit Query Language & Data Structures

API Endpoints & Maltego Transforms

WisQuas currently supports API queries across the database and integrates with Maltego to provide additional data enrichments around your domain and assets. Below are sample outputs using Maltego and local WisQuas transforms.


WisQuas 'Findings' - Maltego Transform



WisQuas 'Poor Mans Heartbleed' - Maltego Transform


Account Types & Descriptions:

n00b: FREE! No sign-up required. 20 results per query. No crawling.

Jr Analyst: FREE! Email sign-up required. 100 (paginated) results per query. No crawling.
Infosec Pro ($20/mo): Unlimited results per query. Limited crawling to public container (20 crawl credits) with Report access.
Researcher ($99/mo): Unlimited results per query. Ability to Privately tag crawls (50 crawl credits) with Report access.

Business ($999/mo): Up to 10 user accounts, Unlimited Crawling, & Privately tagged crawls.
Enterprise (CONTACT US): Domain Monitoring & Reporting Portal, Unlimited Crawling with Private Workers & Private system.

If you need help or have any questions, join our Discord server: