[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] WhatWeb version 0.4 released

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] WhatWeb version 0.4 released
From: Andrew Horton <andrew@xxxxxxxxxxxxxxxxxxxxxxx>
Date: Tue, 16 Mar 2010 01:24:55 +1300

I've just released a new version of WhatWeb, a next generation web scanner. 
This scanner isn't
designed to find vulnerabilities but to identify web software. I've fixed some 
bugs,
added features and added more plugins. Thanks to Emilio Casbas and Louis 
Nyffenegger for
contributing plugins :)

You can read more and download it from 
http://www.morningstarsecurity.com/research/whatweb

DESCRIPTION
--------------------------------------------------------------------------------
Identify content management systems (CMS), blogging platforms, stats/analytics 
packages, javascript
libraries, servers and more. When you visit a website in your browser the 
transaction includes many
unseen hints about how the webserver is set up and what software is delivering 
the webpage. Some of
these hints are obvious, eg. "Powered by XYZ" and others are more subtle. 
WhatWeb recognises these
hints and reports what it finds.

WhatWeb has over 70 plugins and needs community support to develop more. 
Plugins can identify
systems with obvious identifying hints removed by also looking for subtle 
clues. For example, a
WordPress site might remove the tag <meta name="generator" content="WordPress 
2.6.5"> but the
WordPress plugin also looks for "wp-content" which is less easy to disguise. 
Plugins are flexible
and can return any datatype, for example plugins can return version numbers, 
email addresses,
account ID's and more.

There are both passive and aggressive plugins, passive plugins use information 
on the page, in
cookies and in the URL to identify the system. A passive request is as light 
weight as a simple GET
/ HTTP/1.1 request. Aggressive plugins guess URLs and request more files. 
Plugins are easy to write,
you don't need to know ruby to make them.


CHANGES
--------------------------------------------------------------------------------
Version 0.4
* Added HTTPS support
* Improved installation instructions
* Improved documentation
* Better compatibility with ruby 1.9. Changed a case statement syntax, changed 
when 0: to when 0 then.
* Removed UTF-8 characters in plugins that were causing crashes
* Added php-nuke plugin, passively recognises modules
* Added Fluxbb plugin, can identify versions aggressively
* Added meta powered-by plugin. Matches tags like <meta name="powered-by" 
content="abc/1.23" />
* Added powered by plugin. Matches "Powered by BobsCMS", any text following 
powered by
* Improved plugin info listing invoked by ./whatweb -I. Shows number of 
examples and matches, and
shows presence of passive and aggressive functions
* Changed output style. Before strings are surrounded by single quotes, now all 
strings are
surrounded by square brackets
* Added OpenCMS plugin submitted by Emilio Casbas
* Added TomCat plugin submitted by Louis Nyffenegger
* Improved meta-generator plugin
* Fixed a bug in processing a target list from a file where a trailing space 
would be interpreted
incorrectly


Homepage: http://www.morningstarsecurity.com/research/whatweb

-- 
Cheers,

Andrew Horton

MorningStar Security
Mobile +64 (0) 272 646 959
Web www.morningstarsecurity.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] SecurityFocus to partially shut down
Next by Date: [Full-disclosure] An Analysis of the Skype IMBot Logic and Functionality
Previous by thread: [Full-disclosure] [Tool] sqlmap 0.8 released
Next by thread: [Full-disclosure] An Analysis of the Skype IMBot Logic and Functionality
Index(es):
- Date
- Thread