Introduction
Identify content management systems (CMS), blogging platforms, stats/analytics packages, javascript libraries, servers and more. When you visit a website in your browser the transaction includes many unseen hints about how the webserver is set up and what software is delivering the webpage.Some of these hints are obvious, eg. “Powered by XYZ” and others are more subtle. WhatWeb recognises these cues and reports what it finds.
WhatWeb has over 250 plugins and needs community support to develop more. Plugins can identify systems with obvious identifying hints removed by also looking for subtle clues. For example, a WordPress site might remove the tag but the WordPress plugin also looks for “wp-content” which is less easy to disguise. Plugins are flexible and can return any datatype, for example plugins can return version numbers, email addresses, account ID’s and more.
There are both passive and aggressive plugins, passive plugins use information on the page, in cookies and in the URL to identify the system. A passive request is as light weight as a simple GET / HTTP/1.1 request. Aggressive plugins guess URLs and request more files. Plugins are easy to write, you don’t need to know ruby to make them.
Example Usage
i tested simple command on our sister site www.basicgeeks.com and result was good
Log Output
There are currently 3 types of log output. They are:–log-brief Brief logging. Default output
–log-full Full logging. Complete output from each plugin
–log-xml XML logging. Same information as default output but in XML format
You can output to multiple logs simulatenously by specifying muliple command line logging options.
you can download whatweb here
Thanks for writing about WhatWeb.
ReplyDeleteYou left the WhatWeb homepage off your article, so here it is: http://www.morningstarsecurity.com/research/whatweb
If you use the latest (development) version then you get over 600 plugins: https://github.com/urbanadventurer/WhatWeb