Clean JSON Output (Structured Findings) #1352
Description
Feature Request: Clean JSON Output (Structured Findings)
Description:
I would like to request support for a clean, structured JSON output format that only includes meaningful fields like url, status_code, fqdn, and ip, without raw HTTP data or response bodies. Currently, the -jsonl (-j) output includes verbose content such as request headers, raw bodies, and metadata, which makes post-processing or automation difficult.
Suggested implementation:
- Add a flag like
--structured-jsonor--minimal-json - Allow selection of specific fields using something like:
katana -u https://example.com -structured-json -fields url,ip,status_code,fqdn -o results.json
- Output should look like this:
[ { "url": "https://example.com/page1", "ip": "192.0.2.1", "status_code": 200, "fqdn": "example.com" }, { "url": "http://test.local/page2", "ip": "192.168.1.100", "status_code": 404, "fqdn": "test.local" } ]
This would be much cleaner and easier to use in downstream tools and scripts.
Even when using -or (omit raw) and -ob (omit body), the JSONL output is still overly verbose and lacks a simplified structure with flat fields like url, status_code, and ip. A dedicated flag for structured, concise output would better support automation and analysis workflows.
Description of the use case of this feature:
In automation pipelines, it’s common to consume Katana output in other tools (e.g., jq, Python, bash, SIEMs). The current JSONL output is verbose and includes unnecessary data (raw requests, full responses, body content, etc.).
A minimal, structured JSON output would:
- Make scripting and parsing easier
- Eliminate the need for custom JSON post-processing
- Enable better integration with monitoring, alerting, and reporting tools
- Provide only the essential fields for analysis (e.g., url, IP, HTTP status)
This would align Katana better with use cases for automation, continuous scanning, and reporting.