-
Notifications
You must be signed in to change notification settings - Fork 990
Sources for Plugin Writing
,'``.._ ,'``.
:,--._:)\,:,._,.: HYPNOTOAD DESIRES
:`--,'' :`...';\ WHATWEB PLUGINS !
`,' `---' `.
/ :
/ \
,' :\.___,-.
`...,---'``````-..._ |: \
( ) ;: ) \ _,-.
`. ( // `' \
: `.// ) ) , ;
,-|`. _,'/ ) ) ,' ,'
( :`.`-..____..=:.-': . _,' ,'
`,'\ ``--....-)=' `._, \ ,') _ '``._
_.-/ _ `. (_) / )' ; / \ \-.'
`--( `-:`. `' ___..' _,-' |/ '.)
`-. `.`.``-----``--, .'
/'.\\'' ,',');
` (/ (/
ASCII art stolen from r33b.net
Have you ever wanted to target your exploits more efficiently? Ever wanted to engage in stealthy, large-scale internet scanning? Ever wanted to write a data-mining script for a web service? Ever wanted to parse local or remote files through several regular expressions and generate a tidy, grep-able report? Ever lost a web-app on your network because the only admin was hit by a bus during the install? Ever wanted to write and distribute a simple HTTP GET application but became overwhelmed with the amount of error-checking, escaping, encoding, HTTP authorization, HTML parsing and error-logging required for what is essentially a really simple task? Bored? Write a WhatWeb plugin!
Be sure to check out the Plugins [TO-DO] page for a list of applications which have already been allocated to a developer for fingerprinting.
- http://php.opensourcecms.com
- http://www.free-php.net/free-php-scripts/
- http://www.hlrnet.com/intcms.htm
- https://secure.wikimedia.org/wikipedia/en/wiki/List_of_content_management_systems
- http://www.microsoft.com/web/gallery/
- http://webxadmin.free.fr/article/jsp-cms-list-1032.php
- http://www.builtwith.com & http://trends.builtwith.com/
- http://seclists.org/pen-test/2006/Jan/att-210/cookie_fingerprinting.txt
- Powered Sites
- ExploitDB
- OWASP Favicon Database Project
- http://www.http-stats.com/Server
- http://www.http-stats.com/WWW-Authenticate
- http://www.shodanhq.com/?q=Ubicom/1.1
- http://www.shodanhq.com/?q=AVR_Small_Webserver
- http://www.shodanhq.com/?q=MiniServ
- http://www.shodanhq.com/?q=Mbedthis-AppWeb
- http://www.shodanhq.com/?q=Auther: Steven Wu
- http://www.shodanhq.com/?q=WindWeb -realm
- http://www.shodanhq.com/browse/tag/scada
- http://www.shodanhq.com/browse/tag/cisco
- http://www.shodanhq.com/browse/tag/gateway
- http://www.shodanhq.com/browse/tag/router
- http://www.shodanhq.com/browse/tag/webcam
- http://fhscanhttplibrary.googlecode.com/svn/!svn/bc/70/HTTPCore/trunk/release/KnownRouters.ini
- http://fhscanhttplibrary.googlecode.com/svn-history/r70/HTTPCore/trunk/release/RouterAuth.ini
Some config files are available at the URLs listed below. Plugins have already been written for the Aruba and Nortel devices.
- http://www.opus1.com/nac/lv06configs/
- http://www.opus1.com/nac/lv07configs/
- http://www.opus1.com/nac/lv08configs/
- http://www.opus1.com/nac/ny06configs/
- http://www.http-stats.com/Server
- http://www.http-stats.com/Web-Server-Software-Full
- http://www.shodanhq.com/?q=server
- http://fhscanhttplibrary.googlecode.com/svn/!svn/bc/70/HTTPCore/trunk/release/Webservers.ini
- http://fhscanhttplibrary.googlecode.com/svn/!svn/bc/70/HTTPCore/trunk/release/KnownWebservers.ini
- Analytics ( Yahoo ..)
- JavaScript Libraries (Google API, Yahoo API, etc)
- CaptCha (Recaptcha, ..etc)
- Video Players (Youtube, Vimeo, ...etc)
- Widgets (addthis,..etc)
- http://trends.builtwith.com/javascript/
- http://trends.builtwith.com/widgets/