whatweb

whatweb [options] urls

whatweb is a web scanner that identifies technologies used by websites, including content management systems, web frameworks, server software, JavaScript libraries, and analytics platforms. It sends requests to target URLs and analyzes responses to fingerprint the specific products and versions in use.The tool uses a plugin-based architecture with over 1,800 plugins for recognizing different technologies. Four aggression levels control scanning intensity, from passive analysis of a single page request to aggressive testing that makes additional requests to probe for specific technologies.Output can be formatted as JSON, XML, verbose text, or SQL for database storage. Multiple URLs can be scanned in a single run, and the tool supports authentication, custom headers, and proxy configuration for testing behind login pages or through intermediary servers.

-v

Verbose output showing detailed plugin results.

Aggression level: 1 (stealthy, single request, default), 3 (aggressive, additional requests on match), 4 (heavy, many requests per target). Level 2 is unused.

Log verbose output to a file.

Log output in JSON format.

Log output in XML format.

Quiet mode; suppress output to stdout.

Set a custom User-Agent string.

Number of simultaneous threads. Default: 25.

When to follow redirects: never, http-only, meta-only, same-site, or always (default).

Provide cookies (e.g., 'name=value; name2=value2').

Use an HTTP proxy for requests.

Only use on systems you are authorized to scan. Aggressive modes may be detected by intrusion detection systems. Requires Ruby.

wappalyzer(1), nmap(1), nikto(1)