Detective helps to find Sensitive information, files and directories that are not supposed to see. It primarily focuses on the information disclosure and sensitive data exposure vulnerabilities in the website or web application.
First make sure you're on Python 2.7/3.3 or higher.
sudo git clone https://github.com/tijme/detective.git
pip install -r requirments.txt
chmod +x detective.py
detective [-h] -d DOMAIN [-pmm] [-cos] [-coh] [-cot][-siv] [-md MAX_DEPTH]
-d DOMAIN, --domain DOMAIN the domain to crawl (e.g. https://finnwea.com)
-h, --help show this help message and exit
-pmm, --protocol-must-match only crawl pages with the same protocol as the start point (e.g. only https)
-cos, --crawl-other-subdomains also crawl pages that have another subdomain than the startpoint
-coh, --crawl-other-hostnames also crawl pages that have another hostname than the startpoint
-cot, --crawl-other-tlds also crawl pages that have another tld than the startpoint
-siv, --stop-if-vulnerable stop crawling if a vulnerability was found
-md MAX_DEPTH, --max-depth MAX_DEPTH the maximum search depth (default is unlimited)
-mt MAX_THREADS --max-threads MAX_THREADS the maximum amount of simultaneous threads to use (default is 8)