SARA (Security Assistant Researcher Analyzer) is an asynchronous web crawler with enumeration capabilities.

The primary goal of the tool is to crawl target addresses, analyze source code and JavaScript files, and search for keywords, comments, and inline scripts. It also supports custom headers for flexibility.

Also there is an animation indicating that the program is running is included. The message I’m researching will add a . every second to show activity.

• Crawling and Analysis: SARA scans pages, extracting valuable information such as links, JavaScript files, and analyzing their content. Can crawl multiple levels deep.
• Directory and Subdomain Enumeration: Perfect for discovering niche endpoints like /api or /graphql, as well as enumerating subdomains.
• Support for GET and POST requests: All modes (-c, --enum-d, --enum-s) support both `GET` and `POST` requests for more flexible crawling and enumeration.
• Headless Browser To Bypass WAF (-hl).
• Simulated User Behavior:
• The User-Agent header is randomly chosen from a preset list to mimic real browsers (e.g., Chrome, Firefox) and OS (e.g., Macintosh, Linux, Windows)
• Users can specify their own User-Agent, overriding the default one.
• The tool introduces a delay between requests (1–5 seconds) to simulate natural user behavior, minimizing noise and suspicion.

• Conducting penetration tests.
• Bug bounty programs that require deep automation with minimal detection and noise.

Here is a --help command output:

1. -t

Accepts a single URL, a domain, or a file containing multiple targets. Works in conjunction with the three primary modes: -c, --enum-s, and --enum-d.

2. -c (Crawling Mode).

Accepts either a single URL or a file containing multiple URLs.

In crawling mode, SARA gathers key data about the target, including:

• HTTP response codes
• Links on the target web page
• HTTP response headers and their analysis
• JavaScript files and their analysis
• Inline scripts
• Keywords and comments
3. -d (Deep Crawling & Controlled Exploration)

With -d or --depth, SARA can crawl multiple levels deep.

Use --depth 99 to enable interactive mode where you decide whether to proceed to the next depth level.

4. -hl (Headless-browser)

This flag enables crawling with a headless browser (via Playwright), which helps bypass WAF protections, JavaScript-rendered pages, and cloaked content.

Useful for targets that return misleading or blocked responses to regular HTTP requests.

5. --enum-d (Directory Enumeration).

Performs directory enumeration. Since the tool intentionally uses slow request rates (1-5 seconds per request), it is recommended for highly specific endpoint enumeration, such as APIs.

• Requires a target with a full URL, including the protocol (e.g., https://example.com).
• Accepts one target at a time.
• Can use a default wordlist or a custom file for directories.
• Default wordlist

  /admin, /login, /dashboard, /config, /api, /robots.txt, /sitemap.xml, /env, /private, /uploads, /tmp, /health, /metrics, /status, /graphql, /graphiql
6. --enum-s (Subdomain Enumeration)

Performs subdomain enumeration. Unlike --enum-d, this mode accepts only a domain as input (e.g., example.com).

• By default, it enumerates subdomains using the HTTPS protocol.
• Accepts one target at a time.
• Can use a default wordlist or a custom file for subdomains.
• Default wordlist

  dev, test, staging, qa, admin, dashboard, api, auth, mail, ftp, vpn, status
7. --http

Works with --enum-s to enable subdomain enumeration over HTTP instead of HTTPS.

8. -X

HTTP method to use (default: GET). Use -X POST for POST requests.

9. -H

Adds custom HTTP headers. If provided, the custom User-Agent header will replace the default.

• Accepts both a string or a file containing headers.
10. -o

Saves the output to a user-specified file.

• Output will also be printed to the terminal.
• JSON is the recommended format for easier post-processing.
11. -kw
Adds custom keywords for analysis during crawling.
• Accepts either a string or a file containing keywords.
12. -wjs

Disables JavaScript file analysis during crawling.

13. -wha

Disables HTTP header analysis during crawling.

14. -h (Help)

Displays the manual, including command examples for easier usage.

Follow these steps to set up and use SARA:

1. Clone the Repository

git clone https://github.com/Kode-n-Rolla/sara.git

2. Navigate to the Source Directory

cd sara/src

3. Make file executable

chmod +x sara.py

4. Install Dependencies

pip install -r requirements.txt

Alternatively, if you encounter an error like × This environment is externally managed, use:

pip install -r requirements.txt --break-system-packages

With venv

python3 -m venv sara

source sara/bin/activate

pip install requirements.txt

deactivate

5. Run the Tool

Execute the script with python3 to see available options:

python3 sara.py -h

6. Optional: Create a System-wide Command Shortcut

To make it easier to run SARA, you can create a symbolic link (recommended save in /opt first or any your tools directory):

sudo ln -s "$(pwd)/sara.py" /usr/local/bin/sara

Now, you can run the tool from anywhere using:

sara --help