karthikuj/sasori
Sasori is a dynamic web crawler powered by Puppeteer, designed for lightning-fast endpoint discovery.
Sasori helps security engineers and penetration testers automatically map out the attack surface of web applications, including modern dynamic sites and those behind login screens. It takes a starting URL and optional recorded login steps, then interacts with the site to discover all accessible pages and endpoints. The output is a comprehensive list of URLs and their associated structures, which can be fed into security scanners like Zaproxy or Burp Suite.
145 stars. No commits in the last 6 months.
Use this if you need to thoroughly explore a web application to find all its hidden pages, forms, and functionalities for security assessment, especially if it uses modern JavaScript or requires authentication.
Not ideal if you're only looking to scrape static content from a few known pages or build a simple data collection bot, as its focus is on comprehensive endpoint discovery for security.
Stars
145
Forks
16
Language
JavaScript
License
MIT
Category
Last pushed
Jul 23, 2024
Commits (30d)
0
Get this data via API
curl "https://pt-edge.onrender.com/api/v1/quality/perception/karthikuj/sasori"
Open to everyone — 100 requests/day, no key needed. Get a free key for 1,000/day.
Higher-rated alternatives
seleniumbase/SeleniumBase
APIs for browser automation, testing, and bypassing bot-detection.
apify/crawlee-python
Crawlee—A web scraping and browser automation library for Python to build reliable crawlers....
intoli/user-agents
A JavaScript library for generating random user agents with data that's updated daily.
apify/crawlee
Crawlee—A web scraping and browser automation library for Node.js to build reliable crawlers. In...
Kaliiiiiiiiii-Vinyzu/patchright
Undetected version of the Playwright testing and automation library.