WisQuas Engine – Digital Footprint Discovery and Asset Analysis Crawler
Using a handful of nominal web requests, WisQuas Engine attempts to identify areas of weakness around serious Information Disclosures, Security and Service Misconfigurations, Default Installations, and Missing Input Sanitization. Hidden web containers, granting access to Shadow VHosts and localhost data, are detected along with WAF-bypassing payloads, Host Header Manipulations, successful VERB Tampering, and User Agent redirection. DNS anomalies and Domain Shadowing may also be detected across a domain.
In addition, full ‘Digital Footprint Discovery and Inventory’ across a domain is performed for completeness. Our WisQuas Engine has proved to be extremely beneficial for performing OSINT and Penetration Testing, and for supporting the VCISO (Virtual CISO) role and function, by providing situational awareness around all managed domains within an organization.
How does it work?
WisQuas will perform the following functions around a provided domain name:
- Resolve hostnames to IP addresses
- Perform ASN lookups on IP addresses to provide ownership and geo/location info
- Perform subdomain enumeration and lookups
- Perform WHOIS lookup on domain name
- Perform reverse look-ups on all WHOIS attributes
- Perform reputation and classification look-ups on all subdomains and IP addresses
- Inventory and store all received headers, cookies, and meta-data (no content/request data is stored)
- ‘Baseline’ the original URL request for comparison against all other requests
- Perform tactical fuzzing and enumeration across the entire domain to generate unique errors and reveal layered web services
- Inspect the robots.txt file, if available
- Enumerate through possible HTTP Verbs
- Perform Host Header Manipulation to detect additional accessible containers
- Catalog and store all digital assets in a searchable database
Building a haystack of digital inventory for further analysis.
Once all crawls have completed, you can search all saved data using our custom Rabbit Query Language (RQL).
RQL is Lucene-based, with some additional custom search parameters and scoring methods (more info below) to increase the likelihood of retrieving legitimate findings rather than false positives. Our goal is to decrease the noise-to-signal ratio and increase the amount of actionable intelligence provided by WisQuas.
WisQuas Engine – Rabbit Query Language & Data Structures
API Endpoints & Maltego Transforms
WisQuas currently supports API queries across the database and integrates with Maltego to provide additional data enrichments around your domain and assets. Below are sample outputs using Maltego and local WisQuas transforms.
WisQuas 'Findings' - Maltego Transform
WisQuas 'Poor Mans Heartbleed' - Maltego Transform
n00b: FREE! No sign-up required. 20 results per query. No crawling.