WebTech- Establish Applied sciences Used on Web sites – Written in Python
WebTech is a Python software program that may determine net applied sciences by visiting a given web site, parsing a single response file or replaying a request described in a textual content file. This fashion you may have reproducible outcomes and decrease the requests it’s essential make to a goal web site.
The RECON section in a Penetration Take a look at is one among the many most essential ones. By with the ability to detect which software program runs on the goal it’s simpler to seek for vulnerabilities in a particular module or model.
WebTech scans web sites and detect software program and variations in use and may report information in a structured format like JSON or in a grepable textual content for later evaluation.
CLI Set up
WebTech is obtainable on pip:
pip set up webtech
It may be additionally put in by way of setup.py:
python setup.py set up –user
Burp Integration
Obtain Jython 2.7.zero standalone and set up it into Burp.
In “Extender” > “Choices” > “Python Setting”:
- Choose the Jython jar location
Lastly, in “Extender” > “Extension”:
- Click on “Add”
- Choose “py” or “Python” as extension format
- Choose the Burp-WebTech.py file on this folder
Utilization
Scan an internet site:
$ webtech -u https://instance.com/
Goal URL: https://instance.com
…
$ webtech -u file://response.txt
Goal URL:
Full utilization:
$ webtech -h
Utilization:
webtech [options]
Choices:
-h, –help present this assist message and exit
-u URLS, –urls=URLS url(s) to scan
–ul=URLS_FILE, –urls-file=URLS_FILE
url(s) listing file to scan
–ua=USER_AGENT, –user-agent=USER_AGENT
use this consumer agent
–rua, –random-user-agent
use a random consumer agent
–db=DB_FILE, –database-file=DB_FILE
customized database file
–oj, –json output json-encoded report
–og, –grep output grepable report
–udb, –update-db drive replace of distant db information
