bcoles edited this page Dec 9, 2011 · 17 revisions

MD5 Matches

Implement aggressive MD5 hash matches for version detection in popular open source software, in the style of WAFP and BlindElephant.

Follow frames

Many websites still use frames on intro pages. A --follow-frames option would allow WhatWeb to fetch the framed URLs instead of being stuck trying to fingerprint an HTML frameset.

--follow-frames=WHEN    Control when to follow frames. WHEN may be `never',
                        `frame-only', `iframe-only', `same-site', `same-domain'
                        or `always'. Default: never

Should frames be followed by default? Should off-site frames be ignored, or should following them be a configurable option? Would never or same-site be the best default?
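To compare how each WHEN value would treat on-site and off-site frames, here is an added Ruby sketch of the decision; it is not WhatWeb code and `frame_target` and `base_domain` are hypothetical names. It assumes `frame-only` and `iframe-only` select by tag regardless of site, `same-site` means an identical hostname, and `same-domain` compares the last two host labels.

```ruby
require 'uri'

# Hypothetical helper, not part of WhatWeb: decides whether a frame URL found
# on a page should be fetched under a given --follow-frames=WHEN value.
FOLLOW_FRAMES_MODES = %w[never frame-only iframe-only same-site same-domain always].freeze

# Assumption: "same-domain" compares the last two host labels. A real
# implementation would need a public-suffix list (e.g. for example.co.uk).
def base_domain(host)
  host.to_s.downcase.split('.').last(2).join('.')
end

# page_url: absolute http(s) URL of the page containing the frame
# tag:      'frame' or 'iframe'
# src:      raw src attribute (may be relative)
# Returns the absolute URL to fetch, or nil when the frame must not be followed.
def frame_target(mode, page_url, tag, src)
  raise ArgumentError, "unknown mode: #{mode}" unless FOLLOW_FRAMES_MODES.include?(mode)
  return nil if mode == 'never' || src.nil? || src.strip.empty?

  page = URI.parse(page_url)
  target = begin
    URI.join(page_url, src.strip) # resolves relative src against the page URL
  rescue URI::Error
    return nil # unparsable src: nothing to follow
  end
  # Only follow http(s); drops about:blank, javascript:, data: and similar.
  return nil unless target.is_a?(URI::HTTP) && target.host

  allowed = case mode
            when 'always'      then true
            when 'frame-only'  then tag == 'frame'
            when 'iframe-only' then tag == 'iframe'
            when 'same-site'   then target.host.downcase == page.host.to_s.downcase
            when 'same-domain' then base_domain(target.host) == base_domain(page.host)
            end
  allowed ? target.to_s : nil
end
```

Under these assumptions, `same-site` follows a relative frameset on an intro page but leaves third-party iframes unfetched, while `always` lets the scanned page direct requests to hosts outside the scan target.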

Aggression Level Five

Aggression level 5 will be used for requests which are directly related to compromising the security of a device or service without exploitation.

This includes requests designed to discover weak access controls caused by misconfiguration and requests designed to retrieve information from known information disclosure issues.

  • Update Cisco-IOS plugin to determine if the device requires authorization using /level/[INTEGER]/exec/- requests
  • Attempt login with default www-authorization credentials basic|digest base64(user:pass)
  • Allow plugins to set custom headers, such as www-authenticate and cookies

Categorization

See the Categorization section on the Discussion page for more information, including suggested category names.

Goals of categorization:

  • Run all plugins for a certain category:

./whatweb -c SCADA

  • Display and group by categories in logging/output:

http://example.com [200]
HTML-Elements: Title, Meta-Generator, Script, Frame
Server: Apache
Web-App: Wordpress

  • Multiple categories for plugins:

    • ordered by priority, i.e., where conflicts exist in grouping, go with the first option.

category ["SCADA", "Device"]

  • SSL Certificates

    • Extract hostname from SSL certificates
    • Should we test ciphers? Hmm.. probably not.