thesp0nge/nightcrawler-mitm
A python program that crawls a website and tries to stress it, polluting forms with bogus data
This tool helps security researchers or penetration testers identify vulnerabilities in web applications. It acts as a proxy, inspecting network traffic, crawling the site to discover endpoints, and then actively scanning for common security flaws like XSS or SQL Injection. The output includes a list of potential vulnerabilities with confidence levels and automatically generated `curl` commands for easy reproduction.
Available on PyPI.
Use this if you need to perform a security assessment of a web application to uncover common vulnerabilities and understand its attack surface.
Not ideal if you are looking for a fully automated, hands-off penetration testing solution or if you need to analyze network traffic for reasons other than security assessment.
Stars
26
Forks
1
Language
Python
License
MIT
Category
Last pushed
Feb 20, 2026
Commits (30d)
0
Dependencies
4
Get this data via API
curl "https://pt-edge.onrender.com/api/v1/quality/perception/thesp0nge/nightcrawler-mitm"
Open to everyone — 100 requests/day, no key needed. Get a free key for 1,000/day.
Higher-rated alternatives
scrapy/scrapy
Scrapy, a fast high-level web crawling & scraping framework for Python.
Altimis/Scweet
A simple and unlimited twitter scraper : scrape tweets, likes, retweets, following, followers,...
lexiforest/curl_cffi
Python binding for curl-impersonate fork via cffi. A http client that can impersonate browser...
plabayo/rama
modular service framework to move and transform network packets
scrapinghub/spidermon
Scrapy Extension for monitoring spiders execution.