Whatweb
Jump to navigation
Jump to search
Description
Whatweb is a Ruby script written by Andrew Horton aka urbanadventurer from Security-Assessment.com. WhatWeb is a web scanner that identifies installed stuff (forums, CMS, blogs, etc.) on a remote server. It is based on a set of 250 plugins and has two modes of processing: a passive mode enables to detect installed applications while you are surfing on a site; an aggressive mode enables to forge requests to gather more information.
Installation
Prerequisites
$ sudo apt-get install ruby ruby-dev rubygems libxslt-ruby libxslt1-dev libopenssl-ruby $ sudo gem install em-resolv-replace $ sudo gem install json $ sudo gem install bison $ sudo gem install bson_ext $ sudo gem install mongo
Installation of WhatWeb
Stable release
$ cd /data/src/ $ wget http://www.morningstarsecurity.com/downloads/whatweb-0.4.5.tar.gz $ tar xzvf whatweb-0.4.5.tar.gz $ mkdir -p /pentest/enumeration/www/ $ mv whatweb-0.4.5/ /pentest/enumeration/www/whatweb/
Check that you don't have any error while invoking:
$ cd /pentest/enumeration/www/whatweb/ $ ./whatweb --help
Development version
$ mkdir -p /pentest/enumeration/www/ $ cd /pentest/enumeration/www/ $ git clone https://github.com/urbanadventurer/WhatWeb.git
Usage
Basic syntax
$ ./whatweb [options] <URLs>
Options
- --input-file=FILE, -i
- Identify URLs found in FILE, eg. -i /dev/stdin
- --aggression, -a
- 1: passive - on-page
- 2: polite - unimplemented
- 3: impolite - guess URLs when plugin matches (smart, guess a few urls)
- 4: aggressive - guess URLs for every plugin (guess a lot of urls like nikto)
- --recursion, -r
- Follow links recursively. Only follows links under the path
- (default: off)
- --depth, -d
- Maximum recursion depth
- (default: 10)
- --max-links, -m
- Maximum number of links to follow on one page
- (default: 250)
- --spider-skip-extensions
- Redefine extensions to skip.
- (default: zip,gz,tar,jpg,exe,png,pdf)
- --list-plugins, -l
- List the plugins
- --run-plugins, -p
- Run comma delimited list of plugins.
- Default is all
- --info-plugins, -I
- Display information plugins. Optionally specific a comma delimited list.
- --example-urls, -e
- Add example urls for each plugin to the target list
- --colour=[WHEN], --color=[WHEN]
- control whether colour is used. WHEN may be never, always, or auto
- --log-full=FILE
- Log verbose output
- --log-brief=FILE
- Log brief, one-line output
- --log-xml=FILE
- Log XML format
- --user-agent, -U
- Identify as user-agent instead of WhatWeb/0.4.5.
- --max-threads, -t
- Number of simultaneous threads. Default is 25.
- --no-redirect
- Do not follow HTTP 3xx redirects.
- --proxy
- <hostname[:port]> Set proxy hostname and port
- (default: 8080)
- --proxy-user
- <username:password> Set proxy user and password
- --open-timeout
- Time in seconds
- --read-timeout
- Time in seconds
- --custom-plugin
- Define a custom plugin call Custom,
- Examples: ":text=>'powered by abc'"
- ":regexp=>/powered[ ]?by ab[0-9]/"
- ":ghdb=>'intitle:abc \"powered by abc\"'"
- ":md5=>'8666257030b94d3bdb46e05945f60b42'"
- "{:text=>'powered by abc'},{:regexp=>/abc [ ]?1/i}"
- --url-prefix
- Add a prefix to target URLs
- --url-suffix
- Add a suffix to target URLs
- --url-pattern
- Insert the targets into a URL. Requires --input-file,
- eg. www.example.com/%insert%/robots.txt
- --help, -h
- This help
- --verbose, -v
- Increase verbosity, use twice for debugging.
- --version
- Display version information.
Examples
Comments
 |
15:11, 5 April 2011 (CEST)
|
Check it out at: http://www.morningstarsecurity.com/research/whatweb/
There's also a (restricted) live demo of WhatWeb 0.4.5 at http://whatweb.net/