WhatWeb Identify content management systems (CMS), blogging platforms, stats/analytics packages, javascript libraries, servers and more. When you visit a website in your browser the transaction includes many unseen hints about how the webserver is set up and what software is delivering the webpage. Some of these hints are obvious, eg. “Powered by XYZ” and others are more subtle. WhatWeb recognises these hints and reports what it finds.

Project Home

http://www.morningstarsecurity.com/research/whatweb
Installation & Usage guide

root@punter:/pentest/enumeration/wget http://www.morningstarsecurity.com/downloads/whatweb-0.4.4.tar.gz

root@punter:/pentest/enumeration#tar -xvf whatweb-0.4.4.tar.gz

root@punter:/pentest/enumeration#sudo apt-get install ruby ruby-dev libopenssl-ruby

root@punter:/pentest/enumeration# cd whatweb-0.4.4

root@punter:/pentest/enumeration/whatweb-0.4.4# ./whatweb www.punter-infosec.com
http://www.punter-infosec.com [301] HTTPServer[Apache], UncommonHeaders[x-pingback], RedirectLocation[http://punter-infosec.com/], MD5[d41d8cd98f00b204e9800998ecf8427e]
http://punter-infosec.com/ [200] WordPress[3.0], UncommonHeaders[x-pingback], Google-Analytics[GA][17091216], HTML5, HTTPServer[Apache], Title[Penetration Testing,Vulnerability Assessment,Web Application Security,Information Security,Hacking tools,Wireless Security], MetaGenerator[WordPress 3.0], PoweredBy[WordPress,], JQuery[1.4.2], MD5[be5d96caad6699a884649eec47a74115], Header-Hash[5a4d8f38fc3bcab1718c100deec99cbe], Footer-Hash[0b101ee73a06b03c68b9c4cc415da556], Div-Span-Structure[108005edf735f34820dc0a870e1d67e1]