{"id":13449299,"url":"https://github.com/CERN-CERT/WAD","last_synced_at":"2025-03-22T22:32:34.213Z","repository":{"id":35247563,"uuid":"39507255","full_name":"CERN-CERT/WAD","owner":"CERN-CERT","description":"Web application/technology detection tool","archived":false,"fork":false,"pushed_at":"2023-09-01T13:51:52.000Z","size":195,"stargazers_count":209,"open_issues_count":5,"forks_count":46,"subscribers_count":12,"default_branch":"master","last_synced_at":"2025-03-13T22:08:36.748Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/CERN-CERT.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2015-07-22T13:21:59.000Z","updated_at":"2025-02-21T11:01:51.000Z","dependencies_parsed_at":"2022-09-17T03:13:43.226Z","dependency_job_id":"d9a5b60a-f537-4403-b8cd-0a857cc00611","html_url":"https://github.com/CERN-CERT/WAD","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CERN-CERT%2FWAD","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CERN-CERT%2FWAD/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CERN-CERT%2FWAD/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CERN-CERT%2FWAD/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/CERN-CERT","download_url":"https://codeload.github.com/CERN-CERT/WAD/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245029010,"owners_count":20549637,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-31T06:00:35.173Z","updated_at":"2025-03-22T22:32:33.928Z","avatar_url":"https://github.com/CERN-CERT.png","language":"Python","funding_links":[],"categories":["Python"],"sub_categories":[],"readme":"# WAD - Web application detector\n[![Build Status](https://travis-ci.org/CERN-CERT/WAD.svg?branch=master)](https://travis-ci.org/CERN-CERT/WAD) [![PyPI](https://img.shields.io/pypi/v/wad.svg)](https://pypi.python.org/pypi/wad)\n\nWAD lets you analyze given URL(s) and detect technologies used by web application behind that URL, \nfrom the OS and web server level, to the programming platform and frameworks, as well as server- and client-side\napplications, tools and libraries. \n\nFor example, results of scan of server might include: \n\n  * OS: Windows, Linux...\n  * Web server: Apache, Nginx, IIS...\n  * Programming platform: PHP, Python, Ruby, Java...\n  * Content management systems: Drupal, WordPress...\n  * Frameworks: AngularJS, Ruby on Rails, Django...\n  * various databases, analytics tools, javascript libaries, CDNs, comment systems, search engines and many others.\n  \n\n## How it works\nWAD is built as a standalone application, using [Wappalyzer](https://github.com/AliasIO/Wappalyzer)'s\ndetection rules. It sends a GET request to the given URL and analyzes both HTTP response header and body (HTML page), \nlooking for indications to discover web technologies used. \n\nDetection results may include information about versions of technologies used, for example Linux distro or Apache version. \nResults are categorized depending on type of technology (whether it is CMS or database etc.). There are now over 700 \ntechnologies that can be discovered using WAD.\n\n## Installation\n[WAD is available via PyPI](https://pypi.python.org/pypi/wad), so in order to install it, you simply need to run following command:\n\n`pip install wad`\n\n## Usage\nUse `wad -h` to print help text.\nJSON is used by default for formatting output data, but you can also use other formats with -f \u003cformat\u003e option.\n### Example usage scenario\nCommand: `wad -u https://pypi.python.org/` \n\nOutput:\n\n```\n{\n    \"https://pypi.python.org/pypi\": [\n        {\n            \"type\": \"cache-tools\", \n            \"app\": \"Varnish\", \n            \"ver\": null\n        }, \n        {\n            \"type\": \"web-servers\", \n            \"app\": \"Nginx\", \n            \"ver\": \"1.6.2\"\n        }\n    ]\n}\n```\n\n## Differences between WAD and Wappalyzer\nAlthough most of the rules matching functionality is simply a Python port of Wappalyzer's javascript implementation, there are some key differences between projects.\n\nFirst of all, Wappalyzer (as an extension) runs on top of web browser, which means that the scripts on scanned site were ran, so variables and objects are created and accessible. \nUnfortunately, this isn't and won't be a case for WAD. WAD parses raw site content (as delivered by HTTP response), without running it in browser context. \nThe consequences of that are simple - we can't use Wappalyzer's rules, that search for variables and objects in Javascript environment.\n\nSecondly, the project has and will continue to naturally diverge from Wappalyzer's codebase. We don't aim to make one-to-one port of Wappalyzer project and with intention to move to BeautifulSoup as DOM inspector (instead of blindly parsing the website with regex), we won't be able to assure same behaviour in every case. \n\nFinally, additional features added into WAD project aren't ported into Wappalyzer at the same time.\n\n## Changelog\n### 0.4.6 (2020-09-28)\n\n- Write logging outputs to stderr instead of stdout\n\n### 0.4.5 (2020-09-01)\n\n- Use latin-1 encoding for decoding page content\n\n### 0.4.4 (2020-06-17)\n\n- Process rest of URLs if an exception is raised while scanning one\n\n### 0.4.3 (2020-05-16)\n\n- Fix the released package, same as 0.4.2 otherwise\n\n### 0.4.2 (2020-05-15)\n\n- Removed deprecated argument 'encoding' from json.loads\n\n### 0.4.1 (2020-02-26)\n\n- Restored project long description on pypi\n\n### 0.4 (2020-02-26)\n\n- Updated to latest apps.json, usability improvements\n\n### 0.3.4 (2015-08-25)\n\n- Added additional_checks method, that allows further customization of Detector class\n\n### 0.3.3 (2015-08-17)\n\n- Fixed bug causing crash on SSL certificate mismatch in Python \u003e= 2.7.9\n\n### 0.3.2 (2015-08-17)\n\n- Fixed bug causing detection of Perl if the website had Polish (.pl) top-level domain\n- Tests refactoring (duplicate code into method)\n\n### 0.3.1 (2015-08-17)\n\n- Package should be thread-safe now\n- Minor changes to HumanReadableOutput\n\n### 0.3.0 (2015-08-13)\n\n- Added results grouping functionality\n\n### 0.2.0 (2015-08-10)\n\n- Multiple output formats (added Human readable text, CSV)\n- Some methods extracted from Detector's detect method.\n- Minor bugfixes\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FCERN-CERT%2FWAD","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FCERN-CERT%2FWAD","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FCERN-CERT%2FWAD/lists"}