View Issue Details

IDProjectCategoryView StatusLast Update
0009774Kali LinuxNew Tool Requestspublic2026-07-07 08:04
Reporter[email protected] Assigned To 
PrioritynormalSeverityminorReproducibilityhave not tried
Status newResolutionopen 
Summary0009774: New Tool Request: ShadowMap - web reconnaissance tool for subdomain enumeration, port scanning, and misconfiguration detection
Description

Name: ShadowMap

Version: 1.0.0

Homepage: https://github.com/siparsecurity/shadowmap

Download: https://github.com/siparsecurity/shadowmap/releases/tag/v1.0.0

Author: Sayed Muhammad Subayyal / Sipar Security

License: MIT

Description:
ShadowMap is a web reconnaissance tool built for penetration testers and bug bounty researchers. It performs:

  • DNS recon and zone transfer attempts (NS/MX/TXT enumeration)
  • Passive subdomain enumeration via certificate transparency logs (crt.sh)
  • Active subdomain brute-forcing with threading
  • Port and service scanning (pure Python sockets, with optional nmap integration)
  • Technology fingerprinting (CMS detection, server/framework identification)
  • Misconfiguration detection (exposed .git, .env, backup files, missing security headers, permissive CORS, directory listing)
  • Optional stealth mode (rotating user-agents, randomized delays)
  • HTML and JSON report output

Dependencies: Python 3.10+, requests, dnspython, rich, jinja2
Optional: nmap, python-nmap (for enhanced port scanning)

Similar tools: Sublist3r, Amass, httpx, nuclei — ShadowMap differs by combining recon, fingerprinting, and misconfiguration checks into a single unified tool with one command.

Activity: Actively developed. First stable release tagged July 2026.

Packaged for Debian: Yes. A debian/ directory is included in the repository and has been built and tested locally with dpkg-buildpackage, producing a working .deb (installs a shadowmap command to /usr/bin).

How to install:
git clone https://github.com/siparsecurity/shadowmap.git
cd shadowmap
git checkout v1.0.0
pip install -r requirements.txt

How to use:
shadowmap --domain example.com
shadowmap --domain example.com --nmap --stealth medium
shadowmap --domain example.com --json

For authorized security testing only.

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2026-07-07 08:04 [email protected] New Issue