19 lines
1.1 KiB
Plaintext
19 lines
1.1 KiB
Plaintext
|
WhatWeb identifies websites. It's goal is to answer the question, "What
|
||
|
|
is that Website?". WhatWeb recognises web technologies including content
|
||
|
|
management systems (CMS), blogging platforms, statistic/analytics
|
||
|
|
packages, JavaScript libraries, web servers, and embedded devices.
|
||
|
|
WhatWeb has over 900 plugins, each to recognise something different.
|
||
|
|
WhatWeb also identifies version numbers, email addresses, account ID's,
|
||
|
|
web framework modules, SQL errors, and more.
|
||
|
|
|
||
|
|
WhatWeb can be stealthy and fast, or thorough but slow. WhatWeb supports
|
||
|
|
an aggression level to control the trade off between speed and
|
||
|
|
reliability. When you visit a website in your browser, the transaction
|
||
|
|
includes many hints of what web technologies are powering that website.
|
||
|
|
Sometimes a single webpage visit contains enough information to identify
|
||
|
|
a website but when it does not, WhatWeb can interrogate the website
|
||
|
|
further. The default level of aggression, called 'passive', is the
|
||
|
|
fastest and requires only one HTTP request of a website. This is
|
||
|
|
suitable for scanning public websites. More aggressive modes were
|
||
|
|
developed for in penetration tests.
|