WhatWeb

LSE toolsLSE toolsWhatWeb (140)WhatWeb (140)

Tool and Usage

WhatWeb is a security tool written in Ruby to fingerprint web applications. It helps with detecting what software is used for a particular web application.

Why this tool?

WhatWeb can be used stealthy and fast to determine what technologies are used on a particular website or web application. This process called fingerprinting can tell a lot about how it was build and possible weaknesses it might have. The tool can be used in different levels, from stealthy to very aggressive. This last one is useful in penetration tests or during development.

How it works

WhatWeb does its magic by looking into headers, HTML, and other pointers that might reveal what software components are used. By using plugins, WhatWeb can be extended and do better fingerprinting.

Usage and audience

This tool is categorized as a web application fingerprinting tool, web application scanner, and website security audit tool.

WhatWeb is commonly used for reconnaissance or web application analysis. Target users for this tool are pentesters and security professionals.

Tool review

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + More than 25 contributors
  • + More than 1000 GitHub stars
  • + The source code of this software is available

Weaknesses

  • - No releases on GitHub available

Author and Maintainers

WhatWeb is under development by Andrew Horton. This project is currently maintained by Brendan Coles.

Installation

Support operating systems

WhatWeb is known to work on Linux.

This tool page was recently updated. Found an improvement? Become an influencer and submit an update.
Project details
Latest releaseNo release found
License(s)GPLv2
Last updatedOct. 16, 2017

Project health

78
This score is calculated by different factors, like project age, last release date, etc.

Links

GitHub iconGitHub project
 Wiki
 Project page

Related terms