WhatWeb v0.3 - Next generation Web Scanner

Identifying content management systems (CMS), blogging platforms, stats/analytics packages, javascript libraries, servers and more. Licensed under GPLv3.

WhatWeb has over 60 plugins and needs community support to develop more. Plugins can identify systems with obvious signs removed by looking for subtle clues.

Example:

A WordPress site might remove the tag <meta name="generator" content="WordPress 2.6.5"> but the WordPress plugin also looks for "wp-content" which is less easy to disguise. Plugins are flexible and can return any datatype, for example plugins can return version numbers, email addresses, account ID’s and more.

There are both passive and aggressive plugins, passive plugins use information on the page, in cookies and in the URL to identify the system. Aggressive plugins guess URLs and request more files. Plugins are easy to write, you don’t need to know ruby to make them.

JPEG - 49.2 kb

Note: Released 29th November, 2009 at the Kiwicon conference (kiwicon.org) in Wellington, New Zealand.

Usage:

whatweb [options] <URLs>

  • —input-file=FILE, -i Identify URLs found in FILE
  • —aggression, -a
    • 1 passive - on-page
    • 2 polite - follow on-page links if in the extra-urls list (default)
    • 3 impolite - try extra-urls when plugin matches (smart, guess a few urls)
    • 4 aggressive - try extra-urls for every plugin (guess a lot of urls)
  • —recursion, -r Follow links recursively. Only follows links under the path (default: off)
  • —depth, -d Maximum recursion depth (default: 3)
  • —max-links, -m Maximum number of links to follow on one page (default: 25)
  • —list-plugins, -l List the plugins
  • —run-plugins, -p Run comma delimited list of plugins. Default is to run all
  • —info-plugins, -I Display information about a comma delimited list of plugins. Default is all
  • —example-urls, -e Add example urls for each plugin to the target list
  • —colour=[WHEN],
  • —color=[WHEN] control whether colour is used. WHEN may be `never’, `always’, or `auto’
  • —log-full=FILE Log verbose output
  • —log-brief=FILE Log brief, one-line output
  • —user-agent, -U Identify as user-agent instead of WhatWeb/VERSION.
  • —max-threads, -t Number of simultaneous threads identifying websites in parallel (CPU intensive). Default is 5.
  • —help, -h This help
  • —verbose, -v Increase verbosity (recommended), use twice for debugging.

More information: here

Post scriptum

Compliance Mandates

  • Application Scanner :

    PCI/DSS 6.3, SOX A12.4, GLBA 16 CFR 314.4(b) and (2), HIPAA 164.308(a)(1)(i), FISMA RA-5, SA-11, SI-2, ISO 27001/27002 12.6, 15.2.2


Comments

Related Articles

Application Scanner
Enumeration
Information Gathering
WhatWeb