
wig

WebApp Information Gatherer that identifies Content Management Systems and administrative applications through fingerprinting. It detects CMS versions based on checksums and string matching, and guesses server operating systems from headers.

Description

wig is a web application information gathering tool designed to identify numerous Content Management Systems (CMS) and other administrative applications. It performs application fingerprinting by calculating checksums and matching strings from known files across different CMS versions, resulting in a score for each detected CMS and its most probable versions. The score is determined by weights and the number of matching 'hits' for given checksums.

Use cases include reconnaissance during penetration testing to map out web technologies on target sites. It helps security professionals quickly identify CMS instances like WordPress or Joomla, along with version details, which can reveal potential vulnerabilities. Additionally, wig attempts to infer the server's operating system using 'server' and 'x-powered-by' headers against a database of known values, supporting guesses for Microsoft Windows versions and Linux distributions.

This tool is particularly useful in the initial phases of web application assessments where understanding the technology stack is crucial for targeted exploitation or further enumeration.

How It Works

Fingerprinting relies on checksums and string matching of known files for various CMS versions, producing a score based on weights and hit counts. For each detected CMS, the most probable versions are shown. OS detection parses 'server' and 'x-powered-by' headers against a built-in database of known values for Windows and Linux distributions. Scores reflect match confidence without additional requests in standard mode.
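The checksum scoring described above, as an added example that is not wig's own code and not from the original page. The CMS name, file paths, weights, the use of SHA-256, and the rule "score = sum of the weights of matching fingerprints" are all assumptions made for illustration.

```python
import hashlib
from collections import defaultdict

def digest(data: bytes) -> str:
    # Assumption: SHA-256 as the checksum; the page does not name the hash.
    return hashlib.sha256(data).hexdigest()

# Constructed file bodies for releases of a hypothetical "ExampleCMS".
CORE_JS_A = b"/* core.js as shipped in 1.0 and 1.1 */"
CORE_JS_B = b"/* core.js as shipped in 1.2 */"
ADMIN_CSS_A = b"/* admin.css as shipped in 1.0 */"
ADMIN_CSS_B = b"/* admin.css as shipped in 1.1 and 1.2 */"

# Constructed fingerprint database: (path, checksum, cms, versions, weight).
FINGERPRINTS = [
    ("/js/core.js", digest(CORE_JS_A), "ExampleCMS", ["1.0", "1.1"], 1.0),
    ("/js/core.js", digest(CORE_JS_B), "ExampleCMS", ["1.2"], 1.0),
    ("/css/admin.css", digest(ADMIN_CSS_A), "ExampleCMS", ["1.0"], 0.5),
    ("/css/admin.css", digest(ADMIN_CSS_B), "ExampleCMS", ["1.1", "1.2"], 0.5),
]

def score_site(files: dict) -> dict:
    """files maps path -> body bytes as served; returns {(cms, version): score}."""
    scores = defaultdict(float)
    for path, checksum, cms, versions, weight in FINGERPRINTS:
        body = files.get(path)
        if body is not None and digest(body) == checksum:
            for version in versions:
                scores[(cms, version)] += weight  # one weighted hit per version
    return dict(scores)

def most_probable(scores: dict) -> list:
    """Return every (cms, version) tied for the highest score, sorted."""
    if not scores:
        return []
    best = max(scores.values())
    return sorted(key for key, value in scores.items() if value == best)

# Constructed site serving the unmodified default files of release 1.1.
SITE_STOCK = {"/js/core.js": CORE_JS_A, "/css/admin.css": ADMIN_CSS_B}
# Only one default file is reachable, so two versions remain equally likely.
SITE_PARTIAL = {"/js/core.js": CORE_JS_A}
# The file was rebuilt, so its checksum no longer matches any fingerprint.
SITE_MODIFIED = {"/js/core.js": CORE_JS_A + b"\n/* rebuilt */"}

if __name__ == "__main__":
    for name, site in [("stock", SITE_STOCK), ("partial", SITE_PARTIAL), ("modified", SITE_MODIFIED)]:
        print(name, most_probable(score_site(site)))
```

Each additional byte-identical default file narrows the set of candidate versions, which is why the output lists several versions when few files match.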

Installation

sudo apt install wig

Flags

-h, --help         show this help message and exit
-l INPUT_FILE      File with urls, one per line.
-q                 Set wig to not prompt for user input during run
-n STOP_AFTER      Stop after this amount of CMSs have been detected. Default: 1
-a                 Do not stop after the first CMS is detected
-m                 Try harder to find a match without making more requests
-u                 User-agent to use in the requests
-t THREADS         Number of threads to use
--no_cache_load    Do not load cache
--no_cache_save    Do not save cache
-N                 No banner
--verbosity        Increase verbosity
--proxy PROXY      Use proxy for requests
-w OUTPUT_FILE     Output file

Examples

Scans the specified URL for CMS and OS information using default settings.
wig http://example.com

Displays the help message and usage information.
wig -h

Scans multiple URLs from a file, one per line.
wig -l urls.txt

Runs the scan without prompting for user input.
wig -q http://example.com

Stops after detecting 3 CMS instances.
wig -n 3 http://example.com

Continues scanning without stopping after the first CMS detection.
wig -a http://example.com

Applies harder matching efforts without additional requests.
wig -m http://example.com

Uses a custom user-agent string for requests.
wig -u 'Custom UA' http://example.com

Updated 2026-04-16, kali.org