WhatWeb v0.4 - released

Identifying content management systems (CMS), blogging platforms, stats/analytics packages, javascript libraries, servers and more. Licensed under GPLv3.

Version 0.4

  • Added HTTPS support
  • Improved installation instructions
  • Improved documentation
  • Better compatibility with ruby 1.9. Changed a case statement syntax, changed when 0: to when 0 then.
  • Removed UTF-8 characters in plugins that were causing crashes
  • Added php-nuke plugin, passively recognises modules
  • Added Fluxbb plugin, can identify versions aggressively
  • Added meta powered-by plugin. Matches tags like:
    <meta name="powered-by" content="abc/1.23" />
  • Added powered by plugin. Matches "Powered by BobsCMS", any text following powered by
  • Improved plugin info listing invoked by ./whatweb -I. Shows number of examples and matches, and shows presence of passive and aggressive functions
  • Changed output style. Before strings are surrounded by single quotes, now all strings are surrounded by square brackets
  • Added OpenCMS plugin submitted by Emilio Casbas
  • Added TomCat plugin submitted by Louis Nyffenegger
  • Improved meta-generator plugin
  • Fixed a bug in processing a target list from a file where a trailing space would be interpreted incorrectly

WhatWeb has over 60 plugins and needs community support to develop more. Plugins can identify systems with obvious signs removed by looking for subtle clues.

There are both passive and aggressive plugins, passive plugins use information on the page, in cookies and in the URL to identify the system. Aggressive plugins guess URLs and request more files. Plugins are easy to write, you don’t need to know ruby to make them.

JPEG - 49.2 kb

Usage:

whatweb [options] <URLs>

  • —input-file=FILE, -i Identify URLs found in FILE
  • —aggression, -a
    • 1 passive - on-page
    • 2 polite - follow on-page links if in the extra-urls list (default)
    • 3 impolite - try extra-urls when plugin matches (smart, guess a few urls)
    • 4 aggressive - try extra-urls for every plugin (guess a lot of urls)
  • —recursion, -r Follow links recursively. Only follows links under the path (default: off)
  • —depth, -d Maximum recursion depth (default: 3)
  • —max-links, -m Maximum number of links to follow on one page (default: 25)
  • —list-plugins, -l List the plugins
  • —run-plugins, -p Run comma delimited list of plugins. Default is to run all
  • —info-plugins, -I Display information about a comma delimited list of plugins. Default is all
  • —example-urls, -e Add example urls for each plugin to the target list
  • —colour=[WHEN],
  • —color=[WHEN] control whether colour is used. WHEN may be `never’, `always’, or `auto’
  • —log-full=FILE Log verbose output
  • —log-brief=FILE Log brief, one-line output
  • —user-agent, -U Identify as user-agent instead of WhatWeb/VERSION.
  • —max-threads, -t Number of simultaneous threads identifying websites in parallel (CPU intensive). Default is 5.
  • —help, -h This help
  • —verbose, -v Increase verbosity (recommended), use twice for debugging.

More information: here

Thank you to our friend Andrew Horton, from MorningStarSecurity

Post scriptum

Compliance Mandates

  • Application Scanner :

    PCI/DSS 6.3, SOX A12.4, GLBA 16 CFR 314.4(b) and (2), HIPAA 164.308(a)(1)(i), FISMA RA-5, SA-11, SI-2, ISO 27001/27002 12.6, 15.2.2


Comments

Related Articles

Application Scanner
Enumeration
Information Gathering
WhatWeb