[web scan] WhatWeb 웹스캔 소개

<WhatWeb>

[WhatWeb]은 대상 웹사이트가 어떤 것인지 식별할 수 있게 도와주는 웹스캔 도구이다. 웹 콘텐츠 관리 시스템(CMS), 블로그 플랫폼, 통계/분석 패키지, 자바 스크립트 라이브러러리, 웹 서버 및 임베디드 장치를 인지할 수 있으며, 이를 위한 플러그인이 약 900여개 포함되어 있다.

또한, [WhatWeb]은 version numbers, email addresses, account IDs, web framework modules, SQL errors 등 까지도 확인이 가능하다.

 

[hatWeb 다운로드]

whatweb-0.4.7.tar.gz

 

[WhaWeb의 특징]

□ Over 900 plugins
□ Control the trade off between speed/stealth and reliability
□ Plugins include example URLs
□ Performance tuning. Control how many websites to scan concurrently.
□ Multiple log formats: Brief (greppable), Verbose (human readable), XML, JSON, MagicTree, RubyObject, MongoDB.
□ Recursive web spidering
□ Proxy support including TOR
□ Custom HTTP headers
□ Basic HTTP authentication
□ Control over webpage redirection
□ Nmap-style IP ranges
□ Fuzzy matching
□ Result certainty awareness
□ Custom plugins defined on the command line

 

[Usage]

Usage: whatweb [options] TARGET SELECTION:                   Enter URLs, filenames or nmap-format IP ranges.                         Use /dev/stdin to pipe HTML directly   --input-file=FILE, -i Identify URLs found in FILE, eg. -i /dev/stdin   --url-prefix          Add a prefix to target URLs   --url-suffix          Add a suffix to target URLs   --url-pattern         Insert the targets into a URL. Requires --input-file,                         eg. www.example.com/%insert%/robots.txt   --example-urls, -e    Add example URLs for each selected plugin to the target                         list. By default will add example URLs for all plugins. AGGRESSION LEVELS:   --aggression, -a=LEVEL The aggression level controls the trade-off between                         speed/stealth and reliability. Default: 1                         Aggression levels are:         1 (Passive)     Make one HTTP request per target. Except for redirects.         2 (Polite)      Reserved for future use         3 (Aggressive)  Triggers aggressive plugin functions only when a                         plugin matches passively.         4 (Heavy)       Trigger aggressive functions for all plugins. Guess a                         lot of URLs like Nikto. HTTP OPTIONS:   --user-agent, -U=AGENT Identify as AGENT instead of WhatWeb/0.4.7.   --user, -u= HTTP basic authentication   --header, -H          Add an HTTP header. eg "Foo:Bar". Specifying a default                         header will replace it. Specifying an empty value, eg.                         "User-Agent:" will remove the header.   --follow-redirect=WHEN Control when to follow redirects. WHEN may be `never',                         `http-only', `meta-only', `same-site', `same-domain'                         or `always'. Default: always   --max-redirects=NUM   Maximum number of contiguous redirects. Default: 10 SPIDERING:   --recursion, -r       Follow links recursively. Only follow links under the                         path Default: off   --depth, -d           Maximum recursion depth. Default: 10   --max-links, -m       Maximum number of links to follow on one page                         Default: 250   --spider-skip-extensions Redefine extensions to skip.                         Default: zip,gz,tar,jpg,exe,png,pdf PROXY:   --proxy               Set proxy hostname and port                         Default: 8080   --proxy-user          Set proxy user and password PLUGINS:   --plugins, -p         Comma delimited set of selected plugins. Default is all.                         Each element can be a directory, file or plugin name and                         can optionally have a modifier, eg. + or -                         Examples: +/tmp/moo.rb,+/tmp/foo.rb                         title,md5,+./plugins-disabled/                         ./plugins-disabled,-md5 -p + is a shortcut for -p +plugins-disabled   --list-plugins, -l    List the plugins   --info-plugins, -I    Display information for all plugins. Optionally search                         with keywords in a comma delimited list.   --custom-plugin       Define a custom plugin called Custom-Plugin,                         Examples: ":text=>'powered by abc'"                         ":regexp=>/powered[ ]?by ab[0-9]/"                         ":ghdb=>'intitle:abc \"powered by abc\"'"                         ":md5=>'8666257030b94d3bdb46e05945f60b42'"                         "{:text=>'powered by abc'},{:regexp=>/abc [ ]?1/i}" LOGGING & OUTPUT:   --verbose, -v         Increase verbosity, use twice for plugin development.   --colour,--color=WHEN control whether colour is used. WHEN may be `never',                         `always', or `auto'   --quiet, -q Do not display brief logging to STDOUT   --log-brief=FILE      Log brief, one-line output   --log-verbose=FILE    Log verbose output   --log-xml=FILE        Log XML format   --log-json=FILE       Log JSON format   --log-json-verbose=FILE Log JSON Verbose format   --log-magictree=FILE  Log MagicTree XML format   --log-object=FILE     Log Ruby object inspection format   --log-mongo-database  Name of the MongoDB database   --log-mongo-collection Name of the MongoDB collection. Default: whatweb   --log-mongo-host      MongoDB hostname or IP address. Default: 0.0.0.0   --log-mongo-username  MongoDB username. Default: nil   --log-mongo-password  MongoDB password. Default: nil   --log-errors=FILE     Log errors PERFORMANCE & STABILITY:   --max-threads, -t     Number of simultaneous threads. Default: 25.   --open-timeout        Time in seconds. Default: 15   --read-timeout        Time in seconds. Default: 30   --wait=SECONDS        Wait SECONDS between connections                         This is useful when using a single thread. HELP & MISCELLANEOUS:   --help, -h            This help   --debug               Raise errors in plugins   --version             Display version information. (WhatWeb 0.4.7) EXAMPLE USAGE:   whatweb example.com   whatweb -v example.com   whatweb -a 3 example.com   whatweb 192.168.1.0/24

 

[Example Output]

 

[wiki 페이지]

https://github.com/urbanadventurer/WhatWeb/wiki