Thinking Through rprobe v0.8.0

Thinking Through rprobe v0.8.0

• 4 min read
• By volker
rprobe Web Reconnaissance Security Tools TLS Analysis Content Analysis Web Security Screenshots Reporting Tool Development DevOps

Thinking Through rprobe v0.8.0

It’s April 16th, 2025, and I released aanother version of my tool rprobe (v0.8.0). When you build a tool for yourself, it tends to evolve based on the rough edges you encounter during actual use.

rprobe started as a simple probe, but the more you use something like this for web reconnaissance, the more you realize that just knowing if a server is responding on port 80 or 443 is only the beginning of the story. This release tries to fill in some of those subsequent chapters.

The focus this time was less on the initial probing and more on what happens next: analyzing what you’ve found and making sense of it.

Getting Better Reports

One early piece of an idea, was that the reporting needed more flexibility. A simple text dump is okay, but often you want to pipe the results into something else, generate a formal document, or just have a clearer visual overview. So, I spent some time adding support for different report formats (like HTML and CSV, alongside the existing text output) and generally tidying up how the results are presented. The goal was to make the output less of a raw data stream and more like structured information you can actually work with without needing a bunch of awk and sed magic.

Looking Inside: Content Analysis

This felt like the next logical step. Knowing a web server is running and what technology it uses is useful, but what’s on the page? Modern web apps can inadvertently expose sensitive data, this means API keys, internal comments, revealing error messages. Manually checking every discovered page is tedious and error-prone. I wanted rprobe to offer a first pass at this, scanning the content for common patterns associated with sensitive data or potential security misconfigurations. It won’t find everything, of course, but the idea is to surface the most obvious risks automatically, saving time and potentially catching things that might otherwise be missed.

Adding Eyes: Screenshots

Sometimes, text isn’t enough. Especially with dynamic web applications, what you see in the browser can be quite different from the raw HTML source. Or maybe you just need a quick visual record of what a site looked like at the time of the scan. Adding screenshot capability is a natural extension for reconnaissance. I am giving eyes to my kid. It required integrating with browser rendering engines (like Chrome/Chromium or falling back to wkhtmltoimage), which added some complexity, but provides a much richer picture of the target. Getting the rendering options right took some tweaking to capture content accurately. I am crossing the fingers that error reports are passing out on this one :)

Checking the Locks: TLS Analysis

With HTTPS being standard now, simply checking if port 443 is open isn’t sufficient. How is TLS configured? Is the certificate valid? Is it using strong protocols and ciphers? Are there known vulnerabilities associated with the setup? While tools like testssl.sh are excellent, integrating basic TLS checks directly into rprobe streamlines the workflow. The new TlsAnalyzer module performs these checks, looking for common configuration issues and best practice violations. For deeper dives, it can still leverage external tools if they’re installed (--comprehensive-tls), but having built-in analysis provides immediate value.

Housekeeping

Beyond the headline features, a lot of work in any release goes into refinement and maintenance. As features grow, configuration needs evolve. I extended the ConfigParameter setup to allow more granular control over how rprobe behaves, adding more fields and trying to set sensible defaults so users aren’t forced to configure every little detail unless they want to.

I also spent time in the core HTTP request processing and it got some attention to improve reliability and efficiency. You always find edge cases or ways to handle connections and responses slightly better. I added code to address this.

More features mean of course mean more knobs to turn. I added several new command-line options to control things like input sources, output destinations, logging verbosity, and flags to explicitly enable the new analysis features (content scanning, TLS checks, screenshots). The aim is to make the tool flexible directly from the command line. I am not too happy with the amount of new command line flags, so I keep a note to improve and group the flags better. But the original easy approach of this tool remains, even with more flags.

Feedback

Building tools like this is an iterative process. You add capabilities, refine existing ones based on use, and try to keep the foundation solid. Hopefully, these additions make rprobe more useful for understanding web targets more deeply.

As always, feedback is welcome. If you run into issues or have ideas, please open an issue on the GitHub repository.

Happy probing!