Information Gathering using whatweb - kali linux

information gathering

Welcome to the first post on Security Fuse and we wish you best of luck for your career and hope you will learn much from our blog.

Information Gathering is the first step of Penetration and Testing in which you have to gather all the information about your target and your aim is to find the weakest point in your target so you can exploit that weakness and vulnerability. By Information Gathering you are able to perform your attack more professionally and success rate increases with the information gathering step and almost every Cyber Security professional performs this step.

According to the famous quote
You must learn new way to think before you can master a new way to be - Marianne Williamson
So before starting keep in mind that you should not follow anyone,s ideas but you must always try exploiting in your own unique way.

We can gather information manually too but in this tutorial we will be using a tool in kali linux called " WhatWeb " for information gathering and via this whatweb tool we will be able to collect a tasty information about our targeted server and web application. This tool will dump all the important information which is necessary to launch our attack.

Make sure you have Kali Linux installed in your system because it comes pre-loaded with it and ready to use otherwise you can also install this tool on other linux platforms.

Whatweb

whatweb

Open Kali and follow the steps

Steps :- 

  1. Open the terminal in Kali Linux 
    kali linux

    2. Now in the second step type the command to gather information about your target ( i.e server ip or domain )

    whatweb securityfuse.com
Now when you will enter the command , it will display all the possible information about the web server and web application.

If you want more in-depth information gathering you can also do it with the same tool by entering a customized command which is below.


whatweb -a 3 securityfuse.com
Only by entering -a 3 after whatweb in between the whatweb and target you will get more in-depth information about your target.
whatweb


Such information could be seen in the above fig. in which it is showing some tasty information about the target and it is much information about the target necessary for any penterster to penetrate his target and Don't forget to share because sharing is caring.




Visitors are strictly tend to follow the terms and conditions and The content provided on this page is the authority of Security Fuse and the content provided is only for educational purpose. Security Fuse is not responsible for any of the act caused by viewers after reading the content from *.securityfuse.com. our aim is to provide a quality information on Cyber Security and exploitation and the knowledge is only for peace and educational purpose.
Share on Google Plus

About Ahmed Mehtab

Ahmed Mehtab is a white hat cyber security researcher , speaker , trainer and blogger at security fuse. He loves to research on cyber security issues , cyber crime and hacktivism. Quote " Being a hacker without having knowledge of programming is just like a knife without sharpness ~ Ahmed Mehtab "

4 comments :

  1. well good but kindly explain the outcomes of this command..

    ReplyDelete
    Replies
    1. Hi , thanks for sharing your views. you can simply check the image of whatweb command to check the outcome. it gives information about cms , and its versions and etc a tasty information.

      Delete
  2. How i get any website information using kali linux

    ReplyDelete

Hi , Please take a minute to say somthing about this post