
Website Recon

About this tool

This tool allows you to discover the technologies used by a target web application, both server-side and client-side. It can also scan multiple virtual hosts on the same IP.

Reconnaissance is the first phase of a penetration test, in which the pentester finds as much information as possible about the target website.

Knowing the backend and frontend technologies used by the website lets the penetration tester construct dedicated attack vectors that exploit specific vulnerabilities of the identified software type and version.

For instance, if the Website Recon tool finds the following information about the target website:

CMS: WordPress 4.1
Server: Apache 2.2
Operating system: Linux

the next step would be to investigate whether the specific version of the software is affected by known vulnerabilities (e.g. version 4.1 of WordPress). If such a vulnerability is found, the penetration tester can proceed to exploit it. The operating system and server information are also important for selecting the appropriate exploit to successfully compromise the system.

Parameters

  • Target URL: The address of the website that will be searched for known technologies. It must start with http:// or https://

How it works

Website Recon uses Wappalyzer as a scanning engine. It has a consistent database of web application signatures which allows it to correctly identify over 900 web technologies from more than 50 categories.

The tool looks at multiple website elements to determine its technologies:

  • Server HTTP response headers

  • HTML Meta Generator tags

  • Embedded JavaScript files

  • HTML specific content

  • HTML specific comments

  • Website's favicon
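
The sketch below is an added example, not code from Website Recon or Wappalyzer. It shows how three of the elements listed above (response headers, meta generator tags and script URLs) can be matched against signatures, so a site owner can see which product versions a response discloses. The signature list, class and function names, and the sample response are all constructed assumptions.

```python
import re
from html.parser import HTMLParser

# Simplified, hypothetical signatures: (evidence source, technology, pattern).
# They stand in for a real signature database and are not Wappalyzer's.
SIGNATURES = [
    ("header:server", "Apache", re.compile(r"Apache(?:/([\d.]+))?", re.I)),
    ("header:x-powered-by", "PHP", re.compile(r"PHP(?:/([\d.]+))?", re.I)),
    ("meta:generator", "WordPress", re.compile(r"WordPress(?: ([\d.]+))?", re.I)),
    ("script:src", "WordPress", re.compile(r"/wp-(?:content|includes)/()")),
    ("script:src", "jQuery", re.compile(r"jquery[.-](\d+(?:\.\d+)*)", re.I)),
]

class EvidenceParser(HTMLParser):
    """Collects (source, text) pairs from meta generator tags and script URLs."""
    def __init__(self):
        super().__init__()
        self.evidence = []
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "meta" and (a.get("name") or "").lower() == "generator":
            self.evidence.append(("meta:generator", a.get("content") or ""))
        elif tag == "script" and a.get("src"):
            self.evidence.append(("script:src", a["src"]))

def fingerprint(headers, html):
    """Return {technology: (version or None, source that disclosed it)}."""
    parser = EvidenceParser()
    parser.feed(html)
    evidence = [("header:" + k.lower(), v) for k, v in headers.items()] + parser.evidence
    found = {}
    for source, text in evidence:
        for sig_source, tech, pattern in SIGNATURES:
            m = pattern.search(text) if sig_source == source else None
            if m is None:
                continue
            version = m.group(1) or None
            # Keep the first hit, but replace it if a later one adds a version.
            if tech not in found or (version and found[tech][0] is None):
                found[tech] = (version, source)
    return found

# Constructed sample response (not captured from a real site).
SAMPLE_HEADERS = {"Server": "Apache/2.2.22 (Debian)", "X-Powered-By": "PHP/5.4.45"}
SAMPLE_HTML = """<html><head>
<meta name="generator" content="WordPress 4.1">
<script src="/wp-includes/js/jquery/jquery.js"></script>
<script src="/static/jquery-1.11.1.min.js"></script>
</head><body>Hello</body></html>"""
```

Calling `fingerprint(SAMPLE_HEADERS, SAMPLE_HTML)` returns each technology with its version and the element that revealed it. A response that sends only `Server: Apache` yields the product with no version.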