Not Your Average Web Crawler
Execute your exploit against every request in scope

N.Y.A.W.C
Execute your exploit against every request in scope

Getting Started

Did you ever want to test your payload against all requests of a certain domain? N.Y.A.W.C can help you with that. It crawls all requests (e.g. GET, POST or PUT) on the specified domain and keeps track of the request and response data. During the crawling process, the callbacks enable you to insert your payload at specific places and test if they worked. And using the built in options you can do even more. Get started!


Step #1

You can define your startpoint (a request) and the crawling scope and then start the crawler.

Step #2

The crawler repeatedly starts the first request in the queue until max threads is reached.

Step #3

The crawler adds all requests found in the response to the end of the queue (except duplicates).

Step #4

The crawler goes back to step #2 to spawn new requests repeatedly until max threads is reached.

Several callbacks can be used throughout the crawling process to, for example, modify requests on the go.