Projects / WhatWeb

WhatWeb

WhatWeb identifies Websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognizes Web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, Web servers, and embedded devices. WhatWeb has over 900 plugins, each to recognize something different. It also identifies version numbers, email addresses, account IDs, Web framework modules, SQL errors, and more. It can be stealthy and fast, or thorough but slow. It supports an aggression level to control the trade off between speed and reliability.

Tags
Licenses
Operating Systems
Implementation

Recent releases

  •  05 Apr 2011 11:00

    Release Notes: Performance enhancements and bug fixes were made. "-p +" was added as a shortcut for "-p +plugins-disabled". The --quiet/-q option was added to suppress display of brief logging to STDOUT. Slow plugins were updated. More was done.

    •  27 Mar 2011 12:25

      Release Notes: This release adds ~600 new plugins, plugin reporting support for :model=>, :firmware=>, and :module=>, support for em-resolv-replace which speeds up whatweb many times, an XML stylesheet "whatweb.xsl" for XML reports, MongoDB logging, JSON logging, MagicTree logging, error logging, verbose logging, vulnerability matching support, -debug to raise errors found in plugins, an advanced plugin template, --quiet, redirect control, --max-redirects, custom headers, support for HTTP basic authentication, and nmap-style IP address range support.

      •  17 Aug 2010 11:02

        Release Notes: 135 new plugins were added. Some plugins were updated. Ruby 1.9 compatibility fixes were made. New types of matches for plugins include MD5 hashes, patterns of HTML tags, URL tests, added URL prefixes, suffixes and patterns, added cmdline custom plugin definitions, added spider file extension stuff, and more.

        •  04 Jul 2010 10:21

          Release Notes: Plugin writing was simplified. A bug with ruby 1.8.5 was fixed. Author names were added to plugin information. 67 plugins were added from Brendan Coles, bringing WhatWeb up to 163 plugins. References were added to Security-Assessment.com. Updates were made to the README, CHANGELOG, and plugin-template.rb.txt files.

          •  24 May 2010 12:43

            Release Notes: GPLv2 notices, a Makefile, and a man page were added. Page titles were colored. Plugin names were changed. A Cookie names plugin was added. Plugins were added for Concrete5 CMS, CushyCMS, FrogCMS, ModxCMS, TypoLight, and ExpressionEngine. The Google Analytics, MovableType, and Tomcat plugins were modified. The my-plugins/ folder was added. Usage information now shows the correct defaults. A bug for aggressive plugins and proxy settings was fixed. XML logging was added. Usage was updated to show how to pipe HTML to /dev/stdin. The --no-redirect option was added to avoid following HTTP 3xx redirects. The --version option was added. Invalid command line arguments are handled.

            Recent comments

            27 Feb 2011 09:08 planethosted

            It is a good website fingerprint tool. I use it on my free web host customers website to keep an eye on what they are doing. :)

            Check out the <a href="http://www.hackertarget.com">hackertarget.com</a> for online use; good if you are on windows boxen.

            Screenshot

            Project Spotlight

            OpenStack4j

            A Fluent OpenStack client API for Java.

            Screenshot

            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.