Detectem - Goals ● Reliable version extraction ● Avoid false positives as much as possible ● Work on sites with intensive use of Javascript ● Have Test Driven Development as rule
Detectem - Features ● Passive detection with a browser (Splash) ● Works on the list of requests/responses (HAR) ● Javascript support through Splash ● Based on a plugin system ● Command-line executable & Web service
Detectem - Plugin system ● Idea taken from WhatWeb ● Provide enough flexibility for corner cases ● Plugins contain metadata ● Plugins contain matchers, indicators and hints
Detectem - Matchers ● Unit in charge of version extraction ● Could be simple regular expressions or functions ● Adapt to the context to avoid false positives ● Main strongness in the framework
How it looks - URL matcher class JqueryPlugin(Plugin): name = 'jquery' homepage = 'https://jquery.com/' matchers = [ {'url': ‘/jquery-(?P[0-9\.]+)\.js'}, ]
How it looks - Body matcher class JqueryPlugin(Plugin): name = 'jquery' homepage = 'https://jquery.com/' matchers = [ {'body': '/\*\! jQuery v(?P[0-9\.]+)'}, ]
How it looks - DOM matcher class D3JSPlugin(Plugin): name = 'd3.js' homepage = 'https://d3js.org' js_matchers = [{ 'check': 'window.d3', 'version': 'window.d3.version' }]