| Tool | Description | Features |
|---|---|---|
Wappalyzer |
Browser extension and online service for website technology profiling. | Identifies a wide range of web technologies, including CMSs, frameworks, analytics tools, and more. |
BuiltWith |
Web technology profiler that provides detailed reports on a website's technology stack. | Offers both free and paid plans with varying levels of detail. |
WhatWeb |
Command-line tool for website fingerprinting. | Uses a vast database of signatures to identify various web technologies. |
Nmap |
Versatile network scanner that can be used for various reconnaissance tasks, including service and OS fingerprinting. | Can be used with scripts (NSE) to perform more specialised fingerprinting. |
Netcraft |
Offers a range of web security services, including website fingerprinting and security reporting. | Provides detailed reports on a website's technology, hosting provider, and security posture. |
wafw00f |
Command-line tool specifically designed for identifying Web Application Firewalls (WAFs). | Helps determine if a WAF is present and, if so, its type and configuration. |
curl command with the -I flag (or --head) to fetch only the HTTP headers, not the entire page content.
curl -I inlanefreight.comWeb Application Firewalls (WAFs) are security solutions designed to protect web applications from various attacks.
pip3 install git+https://github.com/EnableSecurity/wafw00f
wafw00f inlanefreight.com
vulnerability assessment tool, Nikto's fingerprinting capabilities provide insights into a website's technology stack.
sudo apt update && sudo apt install -y perl
git clone <https://github.com/sullo/nikto>
cd nikto/program
chmod +x ./nikto.pl
nikto -h inlanefreight.com -Tuning b
The -h flag specifies the target host. The -Tuning b flag tells Nikto to only run the Software Identification modules.