Information gathering with BlackWidow

Jan 10, 2020 by Thibault Debatty | 3292 views

Offensive Security

https://cylab.be/blog/56/information-gathering-with-blackwidow

BlackWidow is a python script that automatically crawls a website to gather information like phone numbers, email addresses, form URL’s etc. Very useful during the reconnaissance phase!

blackwidow

The easiest way to use it is using the available docker image:

docker pull cylab/blackwidow:latest
docker run cylab/blackwidow

By default the docker image simply shows the help menu:

You can spider a full domain using

docker run cylab/blackwidow -u https://example.com

BlackWidow will display quite a lot of debug information, and at the end (or when you hit ctrl + c) it will display the report containing the found URL’s, email addresses etc.

If you add the option -s y, BlackWidow will also test all dynamic pages against some OWASP vulnerabilities like XSS, SQL injection, directory traversal, local file inclusion etc…

This blog post is licensed under CC BY-SA 4.0

ARP Spoofing: Troubleshooting Internet Connectivity Issues

Red Teaming Offensive Security

If you’re planning to perform an ARP spoofing attack, you’ve probably encountered bettercap. If you’ve already set up a lab to experiment with ARP spoofing, you may have stumbled upon an issue where the internet is not reachable on your target. In this post, we’ll explore the root cause of this issue and provide a step-by-step guide to resolve it.
Apr 7, 2026 | 116 views
Offensive eBPF - SSH Ejector

Linux eBPF Offensive Security

Feb 18, 2026 | 899 views
Offensive eBPF - Building a Keylogger with libbpf

Linux Offensive Security eBPF

Feb 5, 2026 | 1096 views
This website uses cookies. More information about the use of cookies is available in the cookies policy.
Accept