Thursday, 28 March 2019
0 comments

WebTech- Identify Technologies Used on Websites


WebTech- Identify Technologies Used on Websites - Written in Python


WebTech is a Python software that can identify web technologies by visiting a given website, parsing a single response file or replaying a request described in a text file. This way you can have reproducible results and minimize the requests you need to make to a target website.

The RECON phase in a Penetration Test is one among the most important ones. By being able to detect which software runs on the target it’s easier to search for vulnerabilities in a specific module or version.

WebTech scans websites and detect software and versions in use and can report data in a structured format like JSON or in a grepable text for later analysis.

CLI Installation

WebTech is available on pip:

pip install webtech
It can be also installed via setup.py:

python setup.py install --user

Burp Integration

Download Jython 2.7.0 standalone and install it into Burp.

In "Extender" > "Options" > "Python Environment":
  • Select the Jython jar location

Finally, in "Extender" > "Extension":
  • Click "Add"
  • Select "py" or "Python" as extension format
  • Select the Burp-WebTech.py file in this folder

Usage

Scan a website:

$ webtech -u https://example.com/

Target URL: https://example.com
...

$ webtech -u file://response.txt

Target URL:

Full usage:

$ webtech -h

Usage: 

webtech [options]

Options:

  -h, --help            show this help message and exit
  -u URLS, --urls=URLS  url(s) to scan
  --ul=URLS_FILE, --urls-file=URLS_FILE
                        url(s) list file to scan
  --ua=USER_AGENT, --user-agent=USER_AGENT
                        use this user agent
  --rua, --random-user-agent
                        use a random user agent
  --db=DB_FILE, --database-file=DB_FILE
                        custom database file
  --oj, --json          output json-encoded report
  --og, --grep          output grepable report
  --udb, --update-db    force update of remote db files

Download WebTech

0 comments:

Post a Comment

Note: only a member of this blog may post a comment.

 
Toggle Footer
Top