Wednesday, August 15, 2012

WhatWeb - Next Generation web scanner

-->
Sumber WhatWeb menyatakan, bahwa WhatWeb pada intinya merupakan tool untuk mengindetifikasi website, antara lain mengindetifikasikan sebuat website merupakan content management system atau cms, serta mengindentifikasi blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, dan embedded devices. Pernyataan pendukung dari developer WhatWeb mengatakan bahwa :

“ WhatWeb can be stealthy and fast, or thorough but slow. WhatWeb supports an aggression level to control the trade off between speed and reliability. When you visit a website in your browser, the transaction includes many hints of what web technologies are powering that website. Sometimes a single webpage visit contains enough information to identify a website but when it does not, WhatWeb can interrogate the website further. The default level of aggression, called ‘passive’, is the fastest and requires only one HTTP request of a website. This is suitable for scanning public websites. More aggressive modes were developed for in penetration tests.”

Hal di atas tersebut menjelaskan WhatWeb mengindetifikasi teknologi dari sebuah website yaitu informasi penting yang mendukung sebuah website tersebut.
Beberapa fitur yang mendukung antara lain:
* Over 900 plugins
* Control the trade off between speed/stealth and reliability
* Plugins include example URLs
* Performance tuning. Control how many websites to scan concurrently.
* Multiple log formats: Brief (greppable), Verbose (human readable), XML, JSON, MagicTree, RubyObject, MongoDB.
* Recursive web spidering
* Proxy support including TOR
* Custom HTTP headers
* Basic HTTP authentication
* Control over webpage redirection
* Nmap-style IP ranges
* Fuzzy matching
* Result certainty awareness
* Custom plugins defined on the command line

Cara Penggunaan

 Syntax :
 
--> ./whatweb www.websitetarget.com

   ./whatweb -v www.websitetarget.com






NOTE :
Tutorial ini hanya untuk tujuan pendidikan. Saya tidak bertanggung jawab atas jenis kegiatan ilegal yang dilakukan oleh Anda.


NOTE :
Tutorial ini hanya untuk tujuan pendidikan. Saya tidak bertanggung jawab atas jenis kegiatan ilegal yang dilakukan oleh Anda. Sumber : 
  • WhatWeb - Next generation web scanner. http://www.morningstarsecurity.com/research/whatweb
Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)