wig (WebApp Information Gatherer)
Tool and Usage
- BSD 2-clause
- Programming language
- Latest release
- Latest release date
Why this tool?
Wig is a security tool to discover what particular software is for a web application or website. It can detect several Content Management Systems (CMS) and other administrative applications. This may be useful for those performing reconnaissance or information gathering, like during a penetration test of security assessment.
How it works
Wig performs application fingerprinting by using checksums and string matching of known files. The discovered data is scored and the best matches are displayed. The tool can also do a guess about the operating systems used by looking at several HTTP headers like server and x-powered-by.
Usage and audience
wig is commonly used for application fingerprinting, information gathering, reconnaissance, or web application analysis. Target users for this tool are pentesters.
- Command line interface
- JSON output supported
Example usage and output
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + The source code of this software is available
- - No updates for a while
- - Full name of author is unknown
Supported operating systems
Wig is known to work on Linux.
Similar tools to wig:
WhatWeb is a security tool written in Ruby to fingerprint web applications. It helps with detecting what software is used for a particular web application.
CMSeeK is a security scanner for content management systems (CMS) and used for security assessments. Read how it works in this review.
Wappalyzer is an information gathering tool for web applications and websites. It may be used for security assessments, or simply to look up technology details.
This tool page was updated at . Found an improvement? Help the community by submitting an update.