icon Book Free Consultation



Detective helps to find Sensitive information, files and directories that are not supposed to see. It primarily focuses on the information disclosure and sensitive data exposure vulnerabilities in the website or web application. 


First make sure you're on Python 2.7/3.3 or higher. 


  • sudo git clone https://github.com/tijme/detective.git

  • cd Detective

  • pip install -r requirments.txt

  • chmod +x detective.py


Lock image



detective [-h] -d DOMAIN [-pmm] [-cos] [-coh] [-cot][-siv] [-md MAX_DEPTH] 
required arguments: 
-d DOMAIN,         --domain DOMAIN  the domain to crawl (e.g. https://finnwea.com)
optional arguments:
-h,               --help show this help message and exit
-pmm,       --protocol-must-match only crawl pages with the same protocol as the start point (e.g. only https)
-cos,           --crawl-other-subdomains also crawl pages that have another subdomain than the startpoint
-coh,           --crawl-other-hostnames also crawl pages that have another hostname than the startpoint
-cot,           --crawl-other-tlds also crawl pages that have another tld than the startpoint
-siv,           --stop-if-vulnerable stop crawling if a vulnerability was found
-md MAX_DEPTH,     --max-depth MAX_DEPTH the maximum search depth (default is unlimited)
-mt MAX_THREADS --max-threads MAX_THREADS  the maximum amount of simultaneous threads to use (default is 8)