def test_analyze_no_apps(self):
analyzer = Wappalyzer(categories={}, apps={})
webpage = WebPage('http://example.com', '<html></html>', {})
detected_apps = analyzer.analyze(webpage)
self.assertEquals(detected_apps, set())
def test_get_analyze_with_categories():
webpage = WebPage('http://example.com', '<html>aaa</html>', {})
categories = {
"1": {
"name": "cat1",
"priority": 1
},
"2": {
"name": "cat2",
"priority": 1
}
}
technologies = {
'a': {
'html': 'aaa',
'cats': [1],
},
'b': {
'html': 'bbb',
'cats': [1, 2],
}
}
analyzer = Wappalyzer(categories=categories, technologies=technologies)
result = analyzer.analyze_with_categories(webpage)
assert result == {"a": {"categories": ["cat1"]}}
def test_analyze_no_apps(self):
analyzer = Wappalyzer(categories={}, apps={})
webpage = WebPage('http://example.com', '<html></html>', {})
detected_apps = analyzer.analyze(webpage)
self.assertEquals(detected_apps, set())
def test_analyze_no_technologies():
analyzer = Wappalyzer(categories={}, technologies={})
webpage = WebPage('http://example.com', '<html></html>', {})
detected_technologies = analyzer.analyze(webpage)
assert detected_technologies == set()
def test_analyze_with_versions_and_categories_pattern_lists():
webpage = WebPage(
'http://wordpress-example.com',
'<html><head><meta name="generator" content="WordPress 5.4.2"></head></html>',
{})
categories = {
"1": {
"name": "CMS",
"priority": 1
},
"11": {
"name": "Blog",
"priority": 1
}
}
technologies = {
"WordPress": {
"cats": [1, 11],
"html": [],
"icon": "WordPress.svg",
"implies": ["PHP", "MySQL"],
"meta": {
"generator": [
"Whatever123", "Whatever456",
"^WordPress ?([\\d.]+)?\\;version:\\1", "Whatever"
]
},
"website": "https://wordpress.org"
},
'b': {
'html': 'bbb',
'cats': [1, 2],
},
"PHP": {
"website": "http://php.net"
},
"MySQL": {
"website": "http://mysql.com"
},
}
analyzer = Wappalyzer(categories=categories, technologies=technologies)
result = analyzer.analyze_with_versions_and_categories(webpage)
assert ("WordPress", {
"categories": ["CMS", "Blog"],
"versions": ["5.4.2"]
}) in result.items()
def test_get_analyze_with_categories(self):
webpage = WebPage('http://example.com', '<html>aaa</html>', {})
analyzer = Wappalyzer(categories={"1": "cat1", "2": "cat2"}, apps={
'a': {
'html': 'aaa',
'cats': [1],
},
'b': {
'html': 'bbb',
'cats': [1, 2],
},
})
result = analyzer.analyze_with_categories(webpage)
self.assertEquals(result, {"a": {"categories": ["cat1"]}})
def wappalyzer(self, target, verbose=False):
"""
All verified subdomains are scanned with Wappalyzer to find out the
technology stack used in each of them.
Once wappalyzer is run, it prints out all verified domains
"""
print("\n" + self.Y + "[i] Verified and Analyzed Subdomains: \n")
wappalyzer = Wappalyzer.latest()
# Tech stack db which contains the tech stack of all the sub domains
collection = self.dbname['tech_stack']
collection.create_index('domain', unique=True)
count = self.dbname.collection.count()
for url in self.verified_domains:
try:
webpage = WebPage.new_from_url('http://' + url, verify=False)
tech_stack = wappalyzer.analyze(webpage)
if tech_stack and verbose:
print(self.G + "[i] URL: " + url)
print(self.B + "[i] Wappalyzer: " +
str(list(tech_stack)) + "\n")
# Push the above data to DB
data = {"id": count+1, "domain": url, "time": datetime.now()}
data["parent"] = target
data['tech_stack'] = list(tech_stack)
dataid = collection.insert(data)
count += 1
except Exception as e:
continue
return
def test_get_implied_apps(self):
analyzer = Wappalyzer(categories={}, apps={
'a': {
'implies': 'b',
},
'b': {
'implies': 'c',
},
'c': {
'implies': 'a',
},
})
implied_apps = analyzer._get_implied_apps('a')
self.assertEquals(implied_apps, set(['a', 'b', 'c']))
def test_get_implied_apps(self):
analyzer = Wappalyzer(categories={}, apps={
'a': {
'implies': 'b',
},
'b': {
'implies': 'c',
},
'c': {
'implies': 'a',
},
})
implied_apps = analyzer._get_implied_apps('a')
self.assertEquals(implied_apps, set(['a', 'b', 'c']))
def test_get_analyze_with_categories(self):
webpage = WebPage('http://example.com', '<html>aaa</html>', {})
analyzer = Wappalyzer(categories={"1": "cat1", "2": "cat2"}, apps={
'a': {
'html': 'aaa',
'cats': [1],
},
'b': {
'html': 'bbb',
'cats': [1, 2],
},
})
result = analyzer.analyze_with_categories(webpage)
self.assertEquals(result, {"a": {"categories": ["cat1"]}})
def test_get_implied_apps():
analyzer = Wappalyzer(categories={}, apps={
'a': {
'implies': 'b',
},
'b': {
'implies': 'c',
},
'c': {
'implies': 'a',
},
})
implied_apps = analyzer._get_implied_apps('a')
assert implied_apps == set(['a', 'b', 'c'])
def test_latest_update():
# Get the lastest file
lastest_technologies_file=requests.get('https://raw.githubusercontent.com/AliasIO/wappalyzer/master/src/technologies.json')
# Write the content to a tmp file
with open('/tmp/lastest_technologies_file.json', 'w') as t_file:
t_file.write(lastest_technologies_file.text)
# Create Wappalyzer with this file in argument
wappalyzer1=Wappalyzer.latest(technologies_file='/tmp/lastest_technologies_file.json')
wappalyzer2=Wappalyzer.latest(update=True)
assert wappalyzer1.technologies==wappalyzer2.technologies
assert wappalyzer1.categories==wappalyzer2.categories
def analyze_url(host, parameters):
"""
Analyzes an URL using wappalyzer and prints the results.
"""
auth = None
url = host
verify = True
proxies = {}
if not urlparse.urlparse(url).scheme:
url = 'http://{0}'.format(url)
wappalyzer = Wappalyzer.latest()
if parameters['username'] and parameters['password']:
if parameters['digest']:
auth = HTTPDigestAuth(parameters['username'], parameters['password'])
else:
auth = HTTPBasicAuth(parameters['username'], parameters['password'])
if parameters['proxy']:
proxies['http'] = parameters['proxy']
proxies['https'] = parameters['proxy']
if parameters.has_key('no_validate'):
requests.packages.urllib3.disable_warnings()
verify = False
try:
page = requests.get(url, auth=auth, proxies=proxies, verify=verify)
if page.status_code == 200:
webpage = WebPage(url, page.text, page.headers)
print('[+] {0} {1}'.format(host, wappalyzer.analyze(webpage)))
else:
print('[-] Got HTTP status code {0} - cannot analyze that...'.
format(page.status_code))
except requests.exceptions.ConnectionError as exception:
print('[-] Connection error: {0}'.format(exception))
sys.stdout.flush()
def extract_used_techs(url):
# webpage = urlopen(url, 60)
# content = webpage.read().decode('utf-8')
# headers = dict(webpage.getheaders())
# webpage = WebPage(url, html=content, headers=headers)#.new_from_url(url, verify=False)
webpage = WebPage.new_from_url(url, verify=False)
wappalyzer = Wappalyzer.latest()
return wappalyzer.analyze_with_versions_and_categories(webpage)
def analyze(uplist):
results = []
for host in goodlist:
wappalyzer = Wappalyzer.latest()
webpage = WebPage.new_from_url('https://' + host)
data = wappalyzer.analyze_with_versions_and_categories(webpage)
results.append(data)
return results
def get(self):
try:
if self.debug != 0:
print(
"\033[96m [+] \033[97mPerforming \033[96mTechnology \033[97mscan"
)
result = {}
w = Wappalyzer()
data = w.analyze(self.schema + self.hostname)
if isinstance(data, dict) and len(data) > 0:
result = data
return result
except Exception:
raise Exception("error recovering used technology")
def main():
wap = Wappalyzer.latest()
try:
web = WebPage.new_from_url("https://www.botlabco.ga/")
tecnologias = wap.analyze(web)
for t in tecnologias:
print("Tecnologia detectada: {}".format(t))
except:
print("Ha ocurrido un error")
def main():
wap = Wappalyzer.latest()
try:
web = WebPage.new_from_url("https://www.example.com")
tec = wap.analyze(web)
for t in tec:
print("Detectada: {}".format(t))
except:
print("Error 404")
def run(self):
parser = argparse.ArgumentParser()
parser.add_argument('-t',
action = "store", #stored
dest = "target",
help = "for example: ./wp.py -t site.com")
args = parser.parse_args()
self.site = args.target
if self.site is None:
sys.exit('Url is empty')
if self.site:
print '\n--------------------------------------------'
print("# Determining target {}".format(self.site))
print '--------------------------------------------'
try:
wappalyzer = Wappalyzer.latest()
if self.site.startswith('http://') == False:
self.site = ''.join(('http://',self.site))
webpage = WebPage.new_from_url(self.site)
analyze = wappalyzer.analyze(webpage)
for components in analyze:
print("> {}".format(components))
print '\n--------------------------------------------'
except requests.exceptions.Timeout:
print("Warning: warning website is unreachable")
print '--------------------------------------------'
except requests.exceptions.ConnectionError:
print 'Name or service not known'
print '--------------------------------------------'
except KeyboardInterrupt:
print("Why man ?")
def test_latest(self):
analyzer = Wappalyzer.latest()
print(analyzer.categories)
self.assertEquals(analyzer.categories['1'], {
'name': 'CMS',
'priority': 1
})
self.assertIn('Apache', analyzer.apps)
def run_wappalyze(self, domain):
analyzer = Wappalyzer.latest()
webpage = WebPage.new_from_url(domain)
analyze_result = analyzer.analyze(webpage)
if analyze_result:
for result in analyze_result:
log.console_log(result)
else:
log.console_log("Result Not Found")
def test_latest_update(tmp_path: Path):
# Get the lastest file
lastest_technologies_file = requests.get(
'https://raw.githubusercontent.com/AliasIO/wappalyzer/master/src/technologies.json'
)
tmp_file = tmp_path.joinpath('technologies.json')
# Write the content to a tmp file
with tmp_file.open('w', encoding='utf-8') as t_file:
t_file.write(lastest_technologies_file.text)
# Create Wappalyzer with this file in argument
wappalyzer1 = Wappalyzer.latest(technologies_file=str(tmp_file))
wappalyzer2 = Wappalyzer.latest(update=True)
assert wappalyzer1.technologies == wappalyzer2.technologies
assert wappalyzer1.categories == wappalyzer2.categories
def main():
wap = Wappalyzer.latest()
try:
# web = WebPage.new_from_url("https://www.example.com")
web = WebPage.new_from_url("https://200code.tech")
tecnologias = wap.analyze(web)
for t in tecnologias:
print("Tecnologia detectada: {}".format(t))
except:
print("Ha ocurrido un error")
def wappalyzeit(domain): wappalyzer = Wappalyzer.latest() webpage = WebPage.new_from_url(domain) set1 = wappalyzer.analyze(webpage) if set1: print "[+] Third party libraries in Use:" for s in set1: print s else: print "\t\t\t[-] Nothing found. Make sure domain name is passed properly"
def main():
wap = Wappalyzer.latest()
try:
web = WebPage.new_from_url('https://www.example.com')
tecnologias = wap.analyze(web) #este es un tipo de dato de lista
for t in tecnologias:
print(f'Tecnología detectada: {t}')
except:
print('Ha ocurrido un error!')
def main():
wap = Wappalyzer.latest()
try:
web = WebPage.new_from_url(
"https://curso--python-0-pruebas.000webhostapp.com/")
tecnologias = wap.analyze(web)
for t in tecnologias:
print("Tecnologia detectada: {}".format(t))
except:
print("Ha ocurrido un error")
def wappalyzeit(domain):
wappalyzer = Wappalyzer.latest()
webpage = WebPage.new_from_url(domain)
set1 = wappalyzer.analyze(webpage)
if set1:
print "[+] Third party libraries in Use:"
for s in set1:
print s
else:
print "\t\t\t[-] Nothing found. Make sure domain name is passed properly"
def useWappalyzer(url):
try:
wappalyzer = Wappalyzer.latest()
webpage = WebPage.new_from_url(url)
webprints = wappalyzer.analyze(webpage)
if len(webprints) > 0:
return list(webprints)
else:
return {}
except Exception as e:
print(e)
def __init__(self,
verbose=False,
wappalyzerpath=None,
wappalyzerargs=None,
python=False):
if not wappalyzerpath:
if shutil.which("wappalyzer"):
wappalyzerpath = ['wappalyzer']
elif shutil.which("docker"):
# Test if docker image is installed
o = subprocess.run(args=['docker', 'image', 'ls'],
stdout=subprocess.PIPE)
if 'wappalyzer/cli' not in o.stdout.decode():
self.wappalyzerpath = None
else:
self.wappalyzerpath = [
'docker', 'run', '--rm', 'wappalyzer/cli'
]
else:
self.wappalyzerpath = None
else:
self.wappalyzerpath = shlex.split(wappalyzerpath)
if not self.wappalyzerpath:
self.wappalyzerargs = None
self.python = True
elif python:
self.python = True
else:
self.wappalyzerargs = shlex.split(
wappalyzerargs) if wappalyzerargs else []
self.python = False
self.verbose = verbose
if self.python:
print("Using python-Wappalyzer")
try:
from Wappalyzer import Wappalyzer, WebPage
self.webpage = WebPage.new_from_url
self.wappalyzer = Wappalyzer.latest()
except ImportError:
print("Please install python-Wappalyzer")
exit(1)
else:
print("Using Wappalyzer CLI: {}".format(' '.join(
self.wappalyzerpath)))
self.results = []
def main():
if parser.page:
wap = Wappalyzer.latest()
try:
web = WebPage.new_from_url(URL)
tecnologias = wap.analyze(web)
for t in tecnologias:
print('Tecnologia detectada: {}'.format(t))
except:
print('Ha ocurrido un error')
def wappalyzeit(domain): print colored(style.BOLD + '---> Wapplyzing web page:\n' + style.END, 'blue') time.sleep(0.3) wappalyzer = Wappalyzer.latest() webpage = WebPage.new_from_url(domain) set1 = wappalyzer.analyze(webpage) if set1: print "[+] Third party libraries in Use:" for s in set1: print s else: print "\t\t\t[-] Nothing found. Make sure domain name is passed properly"
def services(subdomain):
found_services = []
# celery will feed result from subdomains scan to this.
for subDomain in subdomain[0]:
wappalyzer = Wappalyzer.latest()
try:
webpage = WebPage.new_from_url('http://' + subDomain)
found_services.append(list(wappalyzer.analyze(webpage)))
except:
error_array = ['No Service Detected - Error']
found_services.append(error_array)
return found_services
def wappalyzer_detection(): # pretty print the output (set; need to change to dict)
target = ""
if request.form.get('target'):
target = request.form.get('target')
req = requests.get('http://' + target)
if req.status_code == 200:
wappalyzer = Wappalyzer.latest()
webpage = WebPage.new_from_url('https://' + target)
output = wappalyzer.analyze(webpage)
return render_template('detection.html', target=output)
else:
req = requests.get('https://' + target)
wappalyzer = Wappalyzer.latest()
webpage = WebPage.new_from_url('https://' + target)
output = wappalyzer.analyze(webpage)
return render_template('detection.html', target=output)
else:
return render_template('detection.html')
def main():
if parser.target:
wap = Wappalyzer.latest()
try:
web = WebPage.new_from_url(parser.target)
tecnologias = wap.analyze(web)
for tecnologia in tecnologias:
print("Tecnología detectada: {}".format(tecnologia))
except:
print("Ha ocurrido un error")
else:
print("Imposible analizar el objetivo")
def wappalyzeit(domain):
temp_list = []
time.sleep(0.3)
wappalyzer = Wappalyzer.latest()
webpage = WebPage.new_from_url(domain)
set1 = wappalyzer.analyze(webpage)
if set1:
for s in set1:
temp_list.append("\t%s" % s)
return temp_list
else:
return temp_list
def wappalyzeit(domain):
temp_list = []
time.sleep(0.3)
wappalyzer = Wappalyzer.latest()
webpage = WebPage.new_from_url(domain)
set1 = wappalyzer.analyze(webpage)
if set1:
for s in set1:
temp_list.append("\t%s" % s)
return temp_list
else:
return temp_list
def main():
wap = Wappalyzer.latest()
try:
web = WebPage.new_from_url("https://prod.senasica.gob.mx/sisia/login"
) #Se pone la url a scanear
tecno = wap.analyze(web)
Categorias = wap.analyze_with_categories(web)
for t in tecno:
print("Tecnologias Detectadas son: {}".format(t))
for c in Categorias:
print("Categorias Detectadas: {}".format(c))
except:
print("Ha ocurriod un error")
def wappalyzeit(domain):
temp_list = []
time.sleep(0.3)
wappalyzer = Wappalyzer.latest()
webpage = WebPage.new_from_url(domain)
set1 = wappalyzer.analyze(webpage)
if set1:
print "[+] Third party libraries in Use:"
for s in set1:
temp_list.append("\t%s" % s)
print "\t%s" % s
return temp_list
else:
print "\t\t\t[-] Nothing found. Make sure domain name is passed properly"
return temp_list
def test_latest(self):
HTTPretty.register_uri(HTTPretty.GET, 'https://raw.github.com/ElbertF/Wappalyzer/master/share/apps.json', body="""
{
"categories": {
"foo": "bar"
},
"apps": {
"blee": {}
}
}
""")
analyzer = Wappalyzer.latest()
self.assertEquals(analyzer.categories['foo'], 'bar')
self.assertIn('blee', analyzer.apps)
def wappalyzeit(domain, taskId): try: wappalyzer = Wappalyzer.latest() odomain = "http://%s" % domain webpage = WebPage.new_from_url(odomain) set1 = wappalyzer.analyze(webpage) wap = [] if set1: print "[+] Third party libraries in Use:" for s in set1: wap.append(s) else: print "\t\t\t[-] Nothing found. Make sure domain name is passed properly" save_record(domain, taskId, "WapAlyzer", wap) return wap except: return []
def wappalyze(rid):
r = None
url = None
content = None
headers = {}
try:
r = Resource.objects.get(pk=rid)
if r.url:
url = r.url.url
if r.content:
content = r.content.content
if r.headers:
h = ast.literal_eval(r.headers)
for k,v in h.items():
headers[k] = v
except Exception as e:
logger.error(str(e))
#return None
if url and content and headers:
try:
wappalyzer = Wappalyzer.latest()
webpage = WebPage(
url=url,
html=content,
headers=headers,
)
apps = wappalyzer.analyze(webpage)
logger.debug(apps)
for a in apps:
webapp, created = Webapp.objects.get_or_create(
name = a,
)
r.webapp.add(webapp)
r.save()
#return r
except Exception as e:
logger.error(str(e))
return rid
def test_latest(self):
analyzer = Wappalyzer.latest()
print(analyzer.categories)
self.assertEquals(analyzer.categories['1'], 'CMS')
self.assertIn('Apache', analyzer.apps)
__author__ = 'js'
from bs4 import BeautifulSoup
from urlparse import urlparse
import requests,socket,re
from Wappalyzer import Wappalyzer,WebPage
from multiprocessing import Pool,Manager,cpu_count
wappalyzer = Wappalyzer.latest()
def getlist(file):
"""
Get target list
:param file:A file contern the target list.
:return:
"""
with open(file,"r") as ft:
tl = ft.readlines()
tl = [urlparse(url).hostname.strip() for url in tl]
return tl
def getIP(url):
"""
Get IP info
:param tl: the list of target
:return:
"""
return socket.gethostbyname(url)
