Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/mihneamanolache/webchecker

WebChecker is a simple tool used in pentesting to detect what CMS a website is running & more.
https://github.com/mihneamanolache/webchecker

cms-detection cms-detector pentest-tool pentesting python

Last synced: 3 months ago
JSON representation

WebChecker is a simple tool used in pentesting to detect what CMS a website is running & more.

Host: GitHub
URL: https://github.com/mihneamanolache/webchecker
Owner: mihneamanolache
License: mit
Created: 2022-01-17T12:11:44.000Z (about 3 years ago)
Default Branch: main
Last Pushed: 2022-11-14T17:37:31.000Z (about 2 years ago)
Last Synced: 2023-03-10T20:41:46.937Z (almost 2 years ago)
Topics: cms-detection, cms-detector, pentest-tool, pentesting, python
Language: Python
Homepage:
Size: 9.94 MB
Stars: 2
Watchers: 1
Forks: 2
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# WebChecker
![Generic badge](https://img.shields.io/badge/Version-1.0.0-RED.svg)

**WebChecker** is a simple information gathering tool designed to help pentesters gather information about a target website.
![Screen-Recording-2022-02-04-at-0](https://user-images.githubusercontent.com/43548656/152489199-8c2aa54e-a304-4258-b17b-dc881220cff0.gif)

## Highlights
**WebChecker** `1.0.0` supports:
- WordPress Identification (4 stages)
- Joomla Identification (1 stage)
- Magento Identification (4 stages)
- Drupal Identification (3 stages)
- **Directory Bruteforcing **
- Detailed Headers Report

## Prerequisites
**WebChecker** is built with Python 3 and has been tested on MacOS so far.

## Installing WebChecker
To install **WebChecker** on your machine, run the following commands on your terminal:
```
git clone [email protected]:mihneamanolache/WebChecker.git
cd WebChecker
pip install -r requirements.txt
```

## Using WebChecker
**WebChecker** runs in terminal and can be used both with or without terminal arguments. The arguments it accepts are:
- `-u` or `--url` to specify the targeted URL
- `-b` or `--brute` to discover directories using bruteforce

Command example using arguments:
```
python3 WebChecker.py -u https://scoala.buzz/ -b /Users/laptop/Desktop/Wordlists/directories.txt
```
![Screenshot 2022-02-04 at 09 14 14](https://user-images.githubusercontent.com/43548656/152487424-79ac30a4-1c72-473d-9ad9-af5319fb20eb.png)

Where `directories.txt` is a simple wordlist which contains the following lines (in this case):
```
login
cpanel
archive
resources
email
wp-content
admin
.httaccess
.httaccess1
passwd
passwords
intranet
```
*Note that you can use any other wordlist (ie. [dnsmap.txt](https://github.com/Blkzer0/Wordlists/blob/master/dnsmap.txt "dnsmap.txt")). Just specify the path to the file after `-b`*

If used withoth the `--url` switch, the program will prompt the user to enter the target website manually:
```
python3 WebChecker.py
```
![Screenshot 2022-02-04 at 09 17 00](https://user-images.githubusercontent.com/43548656/152487765-e7142232-ddcb-4b7b-b63f-73de940f482b.png)