Whatweb: What is? Full tutorial from noob to pro [Updated 2024]

Introduction

In this post, you will learn what is whatweb tools is and how does it work. Also, you will learn the commands of the tool and In addition, I have given some additional information about the tool to support us and the video format of this post is down. If you don’t like my voice forgive me.

Video

What is whatweb

What web is a tool where you could gather information such as JavaScript libraries, web servers, and embedded devices and so on. In simple words, this tool is used to discover what the web is running

Do you understand❓ Have any doubt comment down below !!!

I have already made a video and wrote a blog on wappalyzer, This is the tool alternative to what web but wait what is doing a deep information gathering.

Also Read: Information gathering using wappalyzer

Advertisement

Who developed the whatweb tool

The tool was developed by two guys they are Andrew Horton & Brendan Colese and I have also left their Twitter link, Have any doubt regarding the tool you could directly ask them ????

To download the tool in Debian based machines just enter sudo apt-get install what web

What dose the what web tool do

  1. Proxy support including TOR
  2. Custom HTTP headers
  3. Basic HTTP authentication
  4. Control over webpage redirection
  5. Nmap-style IP ranges
  6. Fuzzy matching
  7. Result certainty awareness
  8. Custom plugins defined on the command line

Advertisement

Useful commands in whatweb

–aggression : Aggression levels are: 1,2,3 & 4

–user, -u: HTTP basic authentication

–proxy: Set proxy hostname and port Default: 8080

–proxy-user: Set proxy user and password

-v: Verbose output includes plugin descriptions.

–no-errors: Suppress error messages

-t: Number of simultaneous threads. Default: 25.

–help, -h: command help

How to use whatweb

Example1: Standard scan

In example 1 let’s do a standard scan, just enter

Whatweb www.techyrick.com
Whatweb command

Example2: Verbose

In this example let’s add -v that is verbose, the last result is not in an arranged manner so we are adding verbose.

whatweb -v www.techyrick.com
Whatweb command

Example3: Subnet

Let’s enter the IP address as the target and also let’s specify the subnet mask

whatweb -v 192.168.0.1/24
Entering the IP and the subnetmask specifying

Example4: Speed

Let’s add some speed to the search

whatweb -v -a 3 www.techyrick.com
Doing a aggressive scan in whatweb

Example5: Plugins

Searching for specific plugins in the target

whatweb -v techyrick.com adsense.com
searching for specific plugins

Example6: No error

No error command

whatweb --no-errors www.techyrick.com
no error on whatweb

Conclusion

This tool is great but not good as wapplyzer and buitwith and also there is not save options in this tool so, I recommend you to use the buitwith and that is my recommendation. Whatweb finally su©ks

Advertisement


Also Read: Subdomain information gathering using the sublist3r

Also Read: DNS-recon info gathering

Read: DNS-enum info gathering

2 Comments

  1. Thanks for making the whatweb blog post. Totally helped me. Best website to learn about all hacking tools from A to Z 💯

Comments are closed.