explaingit

michenriksen/aquatone

5,931GoAudience · ops devopsComplexity · 2/5Setup · moderate

TLDR

Aquatone is a command-line security tool that visits a list of websites or hosts, takes screenshots using a headless browser, and produces an HTML report grouped by visual similarity for fast reconnaissance.

Mindmap

mindmap
  root((aquatone))
    What It Does
      Screenshot websites
      Detect open web ports
      Group by appearance
    Input Formats
      DNS tool output
      Nmap Masscan output
      Plain hostnames file
    Output Files
      HTML visual report
      Responsive URL list
      JSON session file
    Audience
      Security testers
      Pentesters
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

Things people build with this

USE CASE 1

Feed a list of subdomains into Aquatone to screenshot every live web service and spot patterns or misconfigurations across hundreds of sites.

USE CASE 2

Pipe Nmap port-scan output into Aquatone to automatically screenshot all discovered web interfaces across a target network.

USE CASE 3

Use Aquatone during a security assessment to quickly survey the web-facing attack surface of an organization.

Tech stack

Go

Getting it running

Difficulty · moderate Time to first run · 30min

Requires Chrome or Chromium installed on the system for headless screenshot capture.

In plain English

Aquatone is a command-line security tool for getting a quick visual picture of all the websites running across a set of hosts or domains. You give it a list of targets, it checks which web ports are open on each one, visits every discovered web address using a headless browser (Chrome or Chromium running without a visible window), takes a screenshot, and saves the response headers and HTML. The end result is an HTML report that shows all the screenshots grouped by visual similarity, making it easy to spot patterns across a large number of sites at once. The tool is designed to fit into existing security workflows. You can pipe in output from nearly any other tool: DNS enumeration tools like Amass or Sublist3r, port scanners like Nmap or Masscan, or just a plain text file of hostnames and IP addresses. Aquatone figures out what it is looking at using pattern matching, so it does not require a specific input format. Port scanning uses a short default list of common web ports (80, 443, 8000, 8080, 8443), but you can specify your own list or use built-in presets ranging from a small two-port scan to an extra-large list of dozens of ports. If your input already contains full URLs, those are treated as live and skipped directly to the screenshot phase. Output files land in a directory you choose and include the HTML report, a list of all responsive URLs (useful as input for further tools), a JSON session file for automation, raw response headers, response bodies, and PNG screenshots. The session file can be reloaded later to regenerate the report without re-scanning. Aquatone is primarily used in security assessments and reconnaissance to quickly survey the web-facing attack surface of a target organization. The license terms are not stated in the README.

Copy-paste prompts

Prompt 1
I have a file with 500 subdomains from Amass. How do I pipe it into Aquatone to screenshot all live sites and get a grouped HTML report?
Prompt 2
Show me how to pipe Nmap XML output into Aquatone so it automatically screenshots every discovered web port on my target hosts.
Prompt 3
How do I configure Aquatone to scan a custom list of non-standard web ports like 8080 and 8443 across a set of hosts?
Open on GitHub → Explain another repo

← michenriksen on gitmyhub — every repo by this author, as a profile.

Verify against the repo before relying on details.