Krish Lalwani edited this page Jun 12, 2024 · 5 revisions

What is WhoKnows?

WhoKnows is a penetration testing tool and web scanner that can penetrate websites, domains, subdomains, DNS, metadata, web crawling, web scraping, IPs, and web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhoKnows has over 1800 plugins by different authors around the globe, each to recognise something different. WhoKnows also identifies version numbers, email addresses, account IDs, web framework modules, SQL errors, and more.

WhoKnows is flexible: it can be stealthy and fast, or thorough but slow. WhoKnows supports an aggression level to control the trade-off between speed and reliability. When you visit a website in your browser, the transaction includes many hints of what web technologies are powering that website. Sometimes a single webpage visit contains enough information to identify a website, but when it does not, WhoKnows can interrogate the website further. The default level of aggression, called 'stealthy', is the fastest and requires only one HTTP request of a website. This is suitable for scanning public websites. More aggressive modes were developed for use in penetration tests. Most WhoKnows plugins are thorough and recognise a range of cues from subtle to obvious. For example, most WordPress websites can be identified by the meta HTML tag, e.g. '', but a minority of WordPress websites remove this identifying tag. This does not thwart WhoKnows: the WordPress WhoKnows plugin has over 15 tests, which include checking the favicon, default installation files, login pages, and checking for "/wp-content/" within relative links.
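
The multi-cue idea described above, as an added Python example that is not WhoKnows plugin code: it checks one captured HTTP response for several WordPress cues, so a site owner can see what still identifies the CMS after the generator tag is removed. The cue list, the sample response and the host `blog.example` are constructed for illustration.

```python
import re

# Constructed sample: one HTTP response from a WordPress site whose operator
# has removed the generator meta tag (hypothetical host and paths).
SAMPLE_HEADERS = {
    "Server": "nginx",
    "Link": '<https://blog.example/wp-json/>; rel="https://api.w.org/"',
    "Set-Cookie": "wordpress_test_cookie=WP+Cookie+check; path=/",
}
SAMPLE_BODY = """<html><head><title>Blog</title>
<link rel="stylesheet" href="/wp-content/themes/demo/style.css?ver=6.4">
<script src="/wp-includes/js/jquery/jquery.min.js"></script>
</head><body><a href="/wp-login.php">Log in</a></body></html>"""

# (cue name, part of the response to search, pattern). These cues are an
# assumption chosen for this example, not the tool's own test list.
CUES = [
    ("meta generator tag", "body",
     r'<meta[^>]+name=["\']generator["\'][^>]+content=["\']WordPress\s*([\d.]*)'),
    ("/wp-content/ in links", "body", r'(?:href|src)=["\'][^"\']*/wp-content/'),
    ("/wp-includes/ in links", "body", r'(?:href|src)=["\'][^"\']*/wp-includes/'),
    ("login page link", "body", r'href=["\'][^"\']*/wp-login\.php'),
    ("REST API Link header", "headers", r'rel="https://api\.w\.org/"'),
    ("WordPress cookie", "headers", r'wordpress_[a-z_]+='),
]

def wordpress_cues(headers, body):
    """Return the names of the WordPress cues present in a single response."""
    header_text = "\n".join(f"{k}: {v}" for k, v in headers.items())
    haystack = {"headers": header_text, "body": body}
    return [name for name, where, pattern in CUES
            if re.search(pattern, haystack[where], re.IGNORECASE)]

def generator_version(body):
    """Return the version disclosed by the generator tag, or None."""
    m = re.search(CUES[0][2], body, re.IGNORECASE)
    return (m.group(1) or None) if m else None

if __name__ == "__main__":
    found = wordpress_cues(SAMPLE_HEADERS, SAMPLE_BODY)
    print(f"{len(found)} of {len(CUES)} cues still present:")
    for name in found:
        print("  -", name)
```

Removing the generator tag hides the version string but leaves the other cues in place, so hiding that tag alone does not conceal the platform.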


Development