# Fingerprinting

## Tools

<table><thead><tr><th width="170">Tool</th><th>Description</th><th>Features</th></tr></thead><tbody><tr><td><code>Wappalyzer</code></td><td>Browser extension and online service for website technology profiling.</td><td>Identifies a wide range of web technologies, including CMSs, frameworks, analytics tools, and more.</td></tr><tr><td><code>BuiltWith</code></td><td>Web technology profiler that provides detailed reports on a website's technology stack.</td><td>Offers both free and paid plans with varying levels of detail.</td></tr><tr><td><code>WhatWeb</code></td><td>Command-line tool for website fingerprinting.</td><td>Uses a vast database of signatures to identify various web technologies.</td></tr><tr><td><code>Nmap</code></td><td>Versatile network scanner that can be used for various reconnaissance tasks, including service and OS fingerprinting.</td><td>Can be used with scripts (NSE) to perform more specialised fingerprinting.</td></tr><tr><td><code>Netcraft</code></td><td>Offers a range of web security services, including website fingerprinting and security reporting.</td><td>Provides detailed reports on a website's technology, hosting provider, and security posture.</td></tr><tr><td><code>wafw00f</code></td><td>Command-line tool specifically designed for identifying Web Application Firewalls (WAFs).</td><td>Helps determine if a WAF is present and, if so, its type and configuration.</td></tr></tbody></table>

## Banner grabbing

```shell-session
curl -I https://www.inlanefreight.com
```

* `-I` is for a HEAD request

## WafW00f

```bash
pip3 install git+https://github.com/EnableSecurity/wafw00f
```

```bash
wafw00f inlanefreight.com
```

## Nikto

```bash
sudo apt update && sudo apt install -y perl
git clone https://github.com/sullo/nikto
cd nikto/program
chmod +x ./nikto.pl
```

```bash
nikto -h inlanefreight.com -Tuning b
```

* `-Tuning b` flag tells `Nikto` to only run the Software Identification modules.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.rtlcopymemory.com/web-information-gathering/fingerprinting.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.