projectdiscovery/katana
Katana is a next-generation web crawling and spidering framework from ProjectDiscovery, built in Go for speed and configurability. It operates in two modes: standard mode uses plain HTTP requests to crawl quickly and extract endpoints, while headless mode launches a real browser (Chrome) to render JavaScript-heavy applications and capture dynamically loaded content. Katana automatically parses JavaScript files to extract embedded URLs and API endpoints that traditional crawlers miss. It features customizable automatic form filling to maximize surface area discovery during authorized penetration tests. Scope control is granular: URL patterns can be included or excluded with regex, and output can be directed to stdout, files, or JSON for pipeline integration. Headless mode adds support for custom Chrome flags, HTTP proxies, system Chrome usage, and built-in captcha solving (reCAPTCHA, hCaptcha, Cloudflare Turnstile). Technology detection runs passively during the crawl. Katana integrates with other ProjectDiscovery tools such as Subfinder, Httpx, and Nuclei, and is a standard component in modern bug bounty and red team recon workflows.
git clone https://github.com/projectdiscovery/katana.git
Quick Start Example
# Install
go install github.com/projectdiscovery/katana/cmd/katana@latest
# Crawl a single URL
katana -u https://example.com
# Headless mode (JS rendering)
katana -u https://example.com -headless
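# Scope control (only follow URLs matching the regex "login") + JSON Lines output
# Current releases name the flag -jsonl (short form -j); older builds used -json
katana -u https://example.com -cs login -jsonl -o endpoints.json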
# Pipe into nuclei for vulnerability scanning
katana -u https://example.com | nuclei -t exposures/