urbanadventurer
diff --git a/‎CHANGELOG.md‎
Lines changed: 36 additions & 1 deletion b/‎CHANGELOG.md‎
Lines changed: 36 additions & 1 deletion
diff --git a/‎Gemfile‎
Lines changed: 10 additions & 7 deletions b/‎Gemfile‎
Lines changed: 10 additions & 7 deletions
diff --git a/‎README.md‎
Lines changed: 72 additions & 27 deletions b/‎README.md‎
Lines changed: 72 additions & 27 deletions
diff --git a/‎addons/verify-nikto‎
Lines changed: 1 addition & 1 deletion b/‎addons/verify-nikto‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎lib/colour.rb‎
Lines changed: 1 addition & 1 deletion b/‎lib/colour.rb‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎lib/helper.rb‎
Lines changed: 1 addition & 1 deletion b/‎lib/helper.rb‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎lib/http-status.rb‎
Lines changed: 1 addition & 1 deletion b/‎lib/http-status.rb‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎lib/logging.rb‎
Lines changed: 1 addition & 1 deletion b/‎lib/logging.rb‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎lib/logging/errors.rb‎
Lines changed: 1 addition & 1 deletion b/‎lib/logging/errors.rb‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎lib/plugin_support.rb‎
Lines changed: 1 addition & 1 deletion b/‎lib/plugin_support.rb‎
Lines changed: 1 addition & 1 deletion
@@ -1,4 +1,24 @@
-Version 0.5.6 - ?, 2021
+Version 0.6.1 - August 2, 2025
+
+Changelog:
+* Updated version from 0.5.5 to 0.6.1
+* Improved SSL/TLS security with comprehensive cipher suite support (TLSv1, TLSv1.1, TLSv1.2, SSLv3, SSLv2)
+  - Added SSL_ATTRIBUTES constant for verify_mode
+  - Replaced dynamic SSL parameter collection with explicit SSLContext configuration
+  - Set verify_mode to VERIFY_NONE for maximum compatibility
+  - Enabled negotiation of all SSL/TLS versions including legacy SSLv2/SSLv3
+* Enhanced HTTPS connection handling with optimized verification settings
+  - Cleared minimum version restrictions and disabled protocol exclusion flags
+  - Added fallback handling for different OpenSSL configurations
+* Added dual-protocol feature: simple hostnames (without paths or ports) are now scanned using both HTTP and HTTPS protocols
+  - Automatically creates and tests both HTTP and HTTPS versions of simple hostnames
+  - Shows informational message when dual-protocol scanning is performed
+  - Intelligently detects and avoids duplicate URL scanning with redirect handling
+* Added robust input validation and error handling
+  - Automatically aborts processing after 10 consecutive parsing errors
+  - Prevents wasted resources when processing invalid data sources
+  - Provides helpful error messages to guide users in troubleshooting input issues
+  - Handles various error cases including malformed URLs and non-URL input data
 
 This release introduces three new search contexts for plugin authors to use:
 - uri.path
@@ -21,6 +41,14 @@ An example of how to use this is from the PHP plugin.
 
 ## NEW PLUGINS
 * Plex Media Server (@urbanadventurer)
+* Meta-Facebook-Infrastructure (@urbanadventurer)
+* Netflix-Platform (@urbanadventurer)
+* VKontakte-Platform (@urbanadventurer)
+* Distributed-Tracing (@urbanadventurer)
+* Modern-Security-Headers (@urbanadventurer)
+* Baidu-Platform (@urbanadventurer)
+* Alibaba-Aliyun (@urbanadventurer)
+* Weibo-Platform (@urbanadventurer)
 
 ## PLUGIN UPDATES
 * Adobe-Flash (@urbanadventurer)
@@ -34,6 +62,13 @@ An example of how to use this is from the PHP plugin.
 * Ruby (@urbanadventurer)
 * TYPO3 (@definity)
 * WordPress (@juananpe)
+* Shopify (enhanced HTTP header detection) (@urbanadventurer)
+* CloudFlare (enhanced with CF-RAY and other headers) (@urbanadventurer)
+* CloudFront (renamed to Amazon-CloudFront and enhanced) (@urbanadventurer)
+* Tengine Web Server (added Alibaba-specific headers) (@urbanadventurer)
+* Content-Security-Policy (added modern CSP headers) (@urbanadventurer)
+* Azure (renamed to Microsoft-Azure and enhanced) (@urbanadventurer)
+
 
 
 Version 0.5.5 - January 16, 2021
 
@@ -16,21 +16,24 @@ gem 'addressable'
 gem 'json'
 
 # MongoDB logging - optional
-group :mongo do
-  #gem 'mongo'
-  #gem 'rchardet'
+# To use: bundle install --with mongo
+group :mongo, optional: true do
+  gem 'mongo'
+  gem 'rchardet'
 end
 
 # Character set detection - optional
-group :rchardet do
-  #gem 'rchardet'
+# To use: bundle install --with rchardet
+group :rchardet, optional: true do
+  gem 'rchardet'
 end
 
 # Development dependencies required for tests
 group :test do
   gem 'rake'
-  gem 'minitest'
-  gem 'rubocop'
+  # Support both older and newer Ruby versions
+  gem 'minitest', '>= 5.14.2', '< 6.0'
+  gem 'rubocop', '~> 1.0'
   gem 'rdoc'
   gem 'bundler-audit'
   gem 'simplecov', require: false
 
@@ -1,11 +1,11 @@
-[![License](https://img.shields.io/badge/license-GPLv2-brightgreen.svg)](https://raw.githubusercontent.com/urbanadventurer/whatweb/master/LICENSE) ![Stable Release](https://img.shields.io/badge/stable_release-0.5.5-blue.svg) ![WhatWeb Plugins](https://img.shields.io/badge/plugins-1824-brightgreen.svg) [![Repositories](https://repology.org/badge/tiny-repos/whatweb.svg)](https://repology.org/project/whatweb/versions)
+[![License](https://img.shields.io/badge/license-GPLv2-brightgreen.svg)](https://raw.githubusercontent.com/urbanadventurer/whatweb/master/LICENSE) ![Stable Release](https://img.shields.io/badge/stable_release-0.6.1-blue.svg) ![WhatWeb Plugins](https://img.shields.io/badge/plugins-1824-brightgreen.svg) [![Repositories](https://repology.org/badge/tiny-repos/whatweb.svg)](https://repology.org/project/whatweb/versions)
 
 ![logo](https://morningstarsecurity.com/wp-content/uploads/2019/02/WhatWeb-Logo-800px.png "WhatWeb Logo")
 
 # WhatWeb - Next generation web scanner
 Developed by Andrew Horton [urbanadventurer](https://github.com/urbanadventurer/) and Brendan Coles [bcoles](https://github.com/bcoles/)
 
-Latest Release: v0.5.5. January 16, 2021
+Latest Release: v0.6.1. August 2, 2025
 
 License: GPLv2
 
@@ -55,6 +55,7 @@ Most WhatWeb plugins are thorough and recognise a range of cues from subtle to o
 * Result certainty awareness
 * Custom plugins defined on the command line
 * IDN (International Domain Name) support
+* Dual-protocol scanning for simple hostnames (automatically tests both HTTP and HTTPS)
 
 ## Example Usage
 
@@ -78,7 +79,7 @@ $::$  .  $$$ $::$  $$$ $::$  $$$     $::$     $::$  .  $$$ $::$      $::$  $$$$
 $;;$ $$$ $$$ $;;$  $$$ $;;$  $$$     $;;$     $;;$ $$$ $$$ $;;$      $;;$  $$$$
 $$$$$$ $$$$$ $$$$  $$$ $$$$  $$$     $$$$     $$$$$$ $$$$$ $$$$$$$$$ $$$$$$$$$'
 
-WhatWeb - Next generation web scanner version 0.5.5.
+WhatWeb - Next generation web scanner version 0.6.1.
 Developed by Andrew Horton (urbanadventurer) and Brendan Coles (bcoles)
 Homepage: https://morningstarsecurity.com/research/whatweb
 
@@ -109,7 +110,7 @@ AGGRESSION:
       all plugins are used for all URLs.
 
 HTTP OPTIONS:
-  --user-agent, -U=AGENT Identify as AGENT instead of WhatWeb/0.5.5.
+  --user-agent, -U=AGENT Identify as AGENT instead of WhatWeb/0.6.1.
   --header, -H          Add an HTTP header. eg "Foo:Bar". Specifying a default
                         header will replace it. Specifying an empty value, eg.
                         "User-Agent:" will remove the header.
@@ -193,7 +194,7 @@ HELP & MISCELLANEOUS:
   --short-help            Short usage help.
   --help, -h              Complete usage help.
   --debug                 Raise errors in plugins.
-  --version               Display version information. (WhatWeb 0.5.5).
+  --version               Display version information. (WhatWeb 0.6.1).
 
 EXAMPLE USAGE:
 * Scan example.com.
@@ -360,12 +361,52 @@ Character set detection, with the Charset plugin dramatically decreases performa
 
 ## Optional Dependencies
 
-To enable MongoDB logging install the mongo gem.
-    gem install mongo
+WhatWeb supports optional dependencies for MongoDB logging and character set detection. 
 
-To enable character set detection and MongoDB logging install the rchardet gem.
-  gem install rchardet
-  cp plugins-disabled/charset.rb my-plugins/
+Optional dependencies is why the Gemfile is split into groups and WhatWeb does not come with a Gemfile.lock. Should you want a Gemfile.lock, it will be created when you run `bundle install`.
+
+You can install them using Bundler groups:
+
+### MongoDB Support
+
+To enable MongoDB logging:
+
+```bash
+# Install dependencies
+bundle install --with mongo
+
+# If you're using an older version of Bundler
+GEMFILE_GROUPS="default mongo" bundle install
+```
+
+### Character Set Detection
+
+To enable character set detection (required for JSON and MongoDB logging):
+
+```bash
+# Install dependencies
+bundle install --with rchardet
+
+# If you're using an older version of Bundler
+GEMFILE_GROUPS="default rchardet" bundle install
+
+# Copy the charset plugin
+cp plugins-disabled/charset.rb my-plugins/
+```
+
+### All Optional Dependencies
+
+To install all optional dependencies at once:
+
+```bash
+# Install all optional groups
+bundle install --with mongo rchardet
+
+# If you're using an older version of Bundler
+GEMFILE_GROUPS="default mongo rchardet" bundle install
+```
+
+Note: Character set detection dramatically decreases performance by requiring more CPU. Only enable it if you need it.
 
 ## Writing Plugins
 
@@ -392,7 +433,7 @@ Browse the wiki for more documentation and advanced usage techniques.
 
 ## Release History
 
-- Version 0.5.5 Released January 16th, 2021
+- Version 0.6.1 Released July 30th, 2025
 - Version 0.5.4 Released December 14th, 2020
 - Version 0.5.3 Released October 1st, 2020
 - Version 0.5.2 Released June 9th, 2020
@@ -462,34 +503,38 @@ Thank you to the following people who have contributed to WhatWeb.
 + @iGeek098
 + @andreas-becker
 + @csalazar
-+ @golewski
-+ @Allactaga
++ Igor Rzegocki (@ajgon)
++ @juananpe
 + @lins05
-+ @eliasdorneles
-+ @sigit
-+ dewanto
-+ @elcodigok 
-+ @SlivTaMere
 + @anozoozian
 + Bhavin Senjaliya (@bhavin1223)
-+ Janosch Maier (@Phylu)
-+ @rmaksimov
++ Chad Brigance (@ChadBrigance)
++ Daniel Maldonado
++ Elias Dorneles (@eliasdorneles)
++ Eugene Amirov
++ Gregory Boddin (@gboddin)
++ Guillaume Delacour
++ Janosch Maier (@phylu)
++ Max Davitt (@themaxdavitt)
 + Naglis Jonaitis (@naglis)
-+ Igor Rzegocki (@ajgon)
++ Shuai Lin
++ Sigit Dewanto (@sigit)
++ @wh1tenoise
++ @golewski
++ @Allactaga
++ @elcodigok
++ @SlivTaMere
++ @rmaksimov
 + Melvil Guillaume (@mguillau42)
-+ @LrsK 
-+ Janosch Maier (@phylu)
++ @LrsK
 + @abenson
 + @blshkv
 + Weidsom Nascimento (@weidsom)
-+ Marcelo Gimenes @cgimenes
++ Marcelo Gimenes (@cgimenes)
 + @xambroz
 + Baptiste Fontaine (@bfontaine)
-+ @juananpe
 + @definity
 + @huntertl
-+ Max Davitt (@themaxdavitt)
-+ Gregory Boddin (@gboddin)
 
 It is difficult to keep track of all the people who have contributed to WhatWeb. If your name is missing then please let me know.
 
@@ -1,6 +1,6 @@
 #!/bin/bash
 # Verify Nikto logs
-# Copyright 2014, Andrew Horton 
+# Copyright 2014 to 2025, Andrew Horton 
 VERSION=0.1b
 
 if [ -z "$1" ]; then
 
@@ -1,4 +1,4 @@
-# Copyright 2009 to 2020 Andrew Horton and Brendan Coles
+# Copyright 2009 to 2025 Andrew Horton and Brendan Coles
 #
 # This file is part of WhatWeb.
 #
 
@@ -1,4 +1,4 @@
-# Copyright 2009 to 2020 Andrew Horton and Brendan Coles
+# Copyright 2009 to 2025 Andrew Horton and Brendan Coles
 #
 # This file is part of WhatWeb.
 #
 
@@ -1,4 +1,4 @@
-# Copyright 2009 to 2020 Andrew Horton and Brendan Coles
+# Copyright 2009 to 2025 Andrew Horton and Brendan Coles
 #
 # This file is part of WhatWeb.
 #
 
@@ -1,4 +1,4 @@
-# Copyright 2009 to 2020 Andrew Horton and Brendan Coles
+# Copyright 2009 to 2025 Andrew Horton and Brendan Coles
 #
 # This file is part of WhatWeb.
 #
 
@@ -1,4 +1,4 @@
-# Copyright 2009 to 2020 Andrew Horton and Brendan Coles
+# Copyright 2009 to 2025 Andrew Horton and Brendan Coles
 #
 # This file is part of WhatWeb.
 #
 
@@ -1,4 +1,4 @@
-# Copyright 2009 to 2020 Andrew Horton and Brendan Coles
+# Copyright 2009 to 2025 Andrew Horton and Brendan Coles
 #
 # This file is part of WhatWeb.
 #
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-# Copyright 2009 to 2020 Andrew Horton and Brendan Coles`
	`1`	`+# Copyright 2009 to 2025 Andrew Horton and Brendan Coles`
`2`	`2`	`#`
`3`	`3`	`# This file is part of WhatWeb.`
`4`	`4`	`#`