Loading...

Website Recon - Discover web technologies 20 Credits

Find which web technologies your target website is using

Sample Report

|

Use Cases

|

Technical Details

Sample Report

Here is a Website Recon - Discover web technologies sample report:

  • Includes server-side technologies
  • Includes client-side technologies

See also a sample pdf report.

Website Recon - Discover web technologies - Use Cases

This tool allows you to discover the technologies used by a target web application - server-side and client-side. It can also scan multiple virtual hosts on the same IP.

Fingerprint Web Application

Every penetration test should start with a reconnaissance phase where you gather information about your target. This tool is perfect for that.

Discover Attack Surface

When given an IP address as input, this tool attempts to discover all the websites running on that server (virtual hosts) and scans all of them to obtain software information.

Take a Peek at Competition

See what your competitor's websites are built with. This allows you to compare your technologies and upgrade when necessary so you keep your users happy.

Technical Details


About

Reconnaissance is the first phase of a penetration test, in which the pentester finds as much information as possible about the target website.
The backend and frontend technologies used by the website can lead to constructing dedicated attack vectors in which the penetration tester exploits specific vulnerabilities of the identified software type and version.

For instance, if the Website Recon tool finds the following information about the target website:
  • CMS: WordPress 4.1
  • Server: Apache 2.2
  • Operating system: Linux
the next steps would be to investigate if the specific version of the software is affected by known vulnerabilities (ex. version 4.1 of WordPress). If such vulnerability is found, the penetration tester can proceed to exploit the vulnerability. The operating system and the server information is also important to select the appropriate exploit in order to successfully compromise the system.


Parameters

Parameter Description
Target URL Is the address of the website which will be searched for known technologies.
Scan single website The tool accesses a single URL and detects existing technologies (default option).
Scan IP address The tool first determines the open web ports on the target IP (80, 81, 8080, 443, 8443), then finds the DNS names (virtual hosts) associated with the IP and lastly it initiates HTTP(S) connections to each port by using hostname previously discovered. For each of this combination, the rool reports the web technologies identified.
Scan IP range Does the same as "Scan IP address" but for a range of IP addresses (maximum 255 IPs).


How it works

Website Recon uses Wappalyzer as a scanning engine. It has a consistent database of web application signatures which allows it to correctly identify over 900 web technologies from more than 50 categories.

The tool looks at multiple website elements in order to determine its technologies:
  • Server HTTP response headers
  • HTML Meta Generator tags
  • Embedded JavaScript files
  • HTML specific content
  • HTML specific comments
  • Website's favicon