Fingerprinting

Tools

ToolDescriptionFeatures

Wappalyzer

Browser extension and online service for website technology profiling.

Identifies a wide range of web technologies, including CMSs, frameworks, analytics tools, and more.

BuiltWith

Web technology profiler that provides detailed reports on a website's technology stack.

Offers both free and paid plans with varying levels of detail.

WhatWeb

Command-line tool for website fingerprinting.

Uses a vast database of signatures to identify various web technologies.

Nmap

Versatile network scanner that can be used for various reconnaissance tasks, including service and OS fingerprinting.

Can be used with scripts (NSE) to perform more specialised fingerprinting.

Netcraft

Offers a range of web security services, including website fingerprinting and security reporting.

Provides detailed reports on a website's technology, hosting provider, and security posture.

wafw00f

Command-line tool specifically designed for identifying Web Application Firewalls (WAFs).

Helps determine if a WAF is present and, if so, its type and configuration.

curl -I https://www.inlanefreight.com

  • -I is for a HEAD request

WafW00f

pip3 install git+https://github.com/EnableSecurity/wafw00f
wafw00f inlanefreight.com

Nikto

sudo apt update && sudo apt install -y perl
git clone https://github.com/sullo/nikto
cd nikto/program
chmod +x ./nikto.pl
nikto -h inlanefreight.com -Tuning b

  • -Tuning b flag tells Nikto to only run the Software Identification modules.

PreviousDNS & SubdomainsNextCrawlers

Last updated