gowitness icon indicating copy to clipboard operation
gowitness copied to clipboard
verified publisher icon sensepost

Add Default Credentials Mapping

Open mr-pmillz opened this issue 1 year ago • 2 comments

Is your feature request related to a problem? Please describe.

Add a default credentials mapping based on source html/response data. This feature is not a huge priority but would be pretty sweet.

Describe the solution you'd like

EyeWitness uses txt files for signatures / categories and regex to do this mapping, but we could use a struct to json or yaml fingerprints file as an alternative approach.

In the GoWitness report, there could be a default credentials indicator icon in the gallery and additional info in the singular report page sections.

Additional context Created this issue as a potential feature / todo list item.

mr-pmillz avatar Oct 01 '24 23:10 mr-pmillz

Great idea. I was wondering about exactly this thing recently looking at this repo: https://github.com/ihebski/DefaultCreds-cheat-sheet (which is also permissively licensed!), but I left it thinking the false positive rate may be too high. However, the idea of more accurate fingerprints actually sounds great!

My preference would be a more structured data source too.

leonjza avatar Oct 02 '24 18:10 leonjza

Potential source: https://github.com/mongodb/kingfisher

leonjza avatar Dec 02 '25 09:12 leonjza