Apify
Web automation & scraping platform powered by serverless Actors
Open-Source Projects
Discover top open-source software, updated regularly with real-world adoption signals.
Discover top open-source software, updated regularly with real-world adoption signals.
Fast, configurable web crawler with headless and JavaScript support
Katana is a high‑speed, fully configurable crawler offering standard and headless modes, JavaScript parsing, automatic form filling, scope control, and flexible input/output options for automation pipelines.
Katana is a Go‑based web crawling framework designed for security researchers, DevOps engineers, and developers who need fast, automated site exploration. It supports both standard HTTP crawling and headless Chrome hybrid crawling, enabling deep inspection of JavaScript‑heavy applications. Features such as automatic form filling, JavaScript parsing (including jsluice), and technology detection make it suitable for complex reconnaissance tasks.
The tool can be installed via (requires Go 1.24+), Docker, or pre‑compiled binaries. Configuration is handled through an extensive flag set or external config files, allowing precise control over scope, filters, concurrency, and output formats (STDOUT, file, JSON). Headless mode leverages a local Chrome installation or the bundled browser, and can be run in sandboxed or incognito configurations. Katana integrates easily into CI/CD pipelines, supporting resume capabilities and rate‑limiting for large‑scale crawls.
go installWhen teams consider Katana, these hosted platforms usually appear on the same shortlist.
Looking for a hosted option? These are the services engineering teams benchmark against before choosing open source.
Comprehensive site map generation for penetration testing
Produces a JSON list of all reachable URLs, paths, and resources across the target domain.
Automatic discovery of admin panels via form filling
Extracts form actions and parameters, revealing hidden login endpoints.
Technology fingerprinting in CI pipelines
Integrates with the `-tech-detect` flag to output detected tech stacks for each endpoint.
Continuous monitoring of large web applications
Schedules recurring crawls with resume and rate‑limit options to track changes over time.
Run `go install github.com/projectdiscovery/katana/cmd/katana@latest` with Go 1.24+ installed.
Yes, you can pull the pre‑compiled Docker image `projectdiscovery/katana:latest` and run it directly.
A local Chrome installation (or the bundled browser) and the `-headless` flag; optional `-system-chrome` to use an existing Chrome binary.
Form filling is experimental; enable it with `-automatic-form-fill` and test on target sites before production use.
Use `-crawl-scope` and `-crawl-out-scope` regex options, or predefined field scopes with `-field-scope`.
Project at a glance
ActiveLast synced 4 days ago
