WisQuas™ - Digital Footprint Discovery & Asset Analysis Crawler
Why limit your Vulnerability Assessments and Penetration Testing efforts to a single or even handful of systems during an engagement when you can analyze the entire domain and all of its assets. Perform an all-in-one Threat Landscape Assessment, Vulnerability & Misconfiguration Scan, Digital Footprint & Inventory, and OSINT Investigation, with WisQuas.
Improve your Time To Remediation (TTR), with WisQuas, and next level Digital Footprint Discovery and Asset Analysis Crawling.
How does it work?
WisQuas will perform the following functions around a provided domain name:
- Resolve hostnames to IP addresses
- Perform ASN lookup on IP address to provide ownership info and geo/location info
- Perform subdomain enumeration and lookups
- Perform WHOIS lookup on domain name
- Reverse look-ups are performed on all WHOIS attributes
- Reputation and classification look-ups are performed on all subdomains and IP addresses
- Inventory and storage performed on all received headers, cookies, and meta-data (no content/request data is stored)
- Original URL request is ‘base-lined’ to be compared to all other requests
- Tactical fuzzing and enumeration across entire domain performed to generate unique errors and reveal layered web services
- Inspection of robots.txt file if available
- Enumerate through possible HTTP Verbs
- Perform Host Header Manipulation to detect additional accessible containers
- Catalog and store all digital assets in searchable database.
Building a haystack of Digital Inventory for further analysis
RQL is Lucene based, with some additional custom search parameters and scoring methods (more info below) to increase likelihood of retrieving legitimate findings versus false positive findings. Our goal is to decrease noise-to-signal ratio, and increase the amount of actionable intelligence provided by WisQuas.
WisQuas Report Findings Table
Quickly gain insight into a domain's setup and infrastructure with our 'Findings Table' that categorizes findings and displays them appropriately.
Rabbit Query Language & Data Structures
Categorized data for quick results
Categorizing and structuring our data allows for efficient Rabbit Query Language queries that helps reduce complexity.
Multiple parameters for deeper refining
By utilizing multiple parameters in a query, targeted-results can be easily determined through an enormous data-set.
Limitless query combinations
There are endless query combinations to query the dynamic data that is collected from WisQuas.
Account Types & Descriptions
n00b (Free)
InfoSec Pro ($49/mo)
Our 'InfoSec Pro' license offers an affordable solution to bug-bounty hunters and security analysts who don't need private tagging or the more advanced features found in Researcher.
Jr. Analyst (Free with Signup)
Researcher ($99/mo)
Our 'Researcher' license offers bug-bounty hunters and researchers 50 crawls a month and the ability to privately tag their scans and report page access.
Business ($999/mo)
Our'Business' license enables security teams to collaboratively view and analyze the same data sets in private environments giving them cooperative testing experience.
Enterprise (Contact Us)
The 'Enterprise' license is a fully-private system equipped with Private Workers, Unlimited Crawling Capabilities and a Domain Monitoring & Reporting Portal.
