Select Page

Website Footprinting using WhatWeb

Ethical Hacking

WhatWeb is a web scanner included in Kali Linux, designed to identify and gather information about websites. It provides a wide range of details about a target, including web technologies, CMS (Content Management Systems), server versions, frameworks, plugins, and more. It is useful for reconnaissance in penetration testing and vulnerability assessments.

Key Features:

  • Identifies web technologies such as CMS, frameworks, and server software.
  • Detects versions of the software and technologies in use.
  • Supports customizable plugins for in-depth analysis.
  • Fast and lightweight, designed to scan a large number of websites quickly.
  • Offers both stealthy and aggressive modes depending on the user’s needs.

Popular WhatWeb Commands:

whatweb <target-url>
whatweb https://example.com
whatweb -v <target-url>

  • Combines verbose output with an aggressive scan for detailed analysis.

Use Cases:

  • Reconnaissance: Used during the information gathering phase of penetration testing to identify technologies, server information, and software versions.
  • CMS Detection: WhatWeb can quickly detect whether a website uses CMS like WordPress, Joomla, or Drupal, including the versions in use.
  • Vulnerability Assessment: By identifying technologies and versions, WhatWeb helps to identify potentially vulnerable components in the web application stack.

WhatWeb is a versatile tool for web application reconnaissance, providing valuable insights into the technologies behind a target website.

Latest Post:

Pin It on Pinterest