WhatWeb Identify content management systems (CMS), blogging platforms, stats/analytics packages, javascript libraries, servers and more. When you visit a website in your browser the transaction includes many unseen hints about how the webserver is set up and what software is delivering the webpage. Some of these hints are obvious, eg. “Powered by XYZ” and others are more subtle. WhatWeb recognises these hints and reports what it finds.

Project Home

http://www.morningstarsecurity.com/research/whatweb
Installation & Usage guide

[email protected]:/pentest/enumeration/wget http://www.morningstarsecurity.com/downloads/whatweb-0.4.4.tar.gz

[email protected]:/pentest/enumeration#tar -xvf whatweb-0.4.4.tar.gz

[email protected]:/pentest/enumeration#sudo apt-get install ruby ruby-dev libopenssl-ruby

[email protected]:/pentest/enumeration# cd whatweb-0.4.4

[email protected]:/pentest/enumeration/whatweb-0.4.4# ./whatweb www.punter-infosec.com
http://www.punter-infosec.com [301] HTTPServer[Apache], UncommonHeaders[x-pingback], RedirectLocation[http://punter-infosec.com/], MD5[d41d8cd98f00b204e9800998ecf8427e]
http://punter-infosec.com/ [200] WordPress[3.0], UncommonHeaders[x-pingback], Google-Analytics[GA][17091216], HTML5, HTTPServer[Apache], Title[Penetration Testing,Vulnerability Assessment,Web Application Security,Information Security,Hacking tools,Wireless Security], MetaGenerator[WordPress 3.0], PoweredBy[WordPress,], JQuery[1.4.2], MD5[be5d96caad6699a884649eec47a74115], Header-Hash[5a4d8f38fc3bcab1718c100deec99cbe], Footer-Hash[0b101ee73a06b03c68b9c4cc415da556], Div-Span-Structure[108005edf735f34820dc0a870e1d67e1]