Home Pentest-Tools.com Logo
Information Gathering

Website Recon

Find out which web technologies your target website is using.

Scan type
  • Light scan

/

Reporting

Sample Website Recon report

Here is a sample report from our Website Recon that gives you a taste of how our tools save you time and reduce repetitive manual work.

  • Includes server-side technologies

  • Includes client-side technologies

Website Recon Report Sample

How to use the pentesting tool

Use Cases for Website Recon

This tool allows you to discover the technologies used by a target web application - server-side and client-side. It can also scan multiple virtual hosts on the same IP.

  • Fingerprint Web Application

    Go through the reconnaissance phase of your pentest much faster and gather information about your target more effectively. This is the tool that helps you speed up recon and get quality findings.

  • Discover Attack Surface

    When given an IP address as input, this tool attempts to discover all the websites running on that server (virtual hosts) and scans all of them to obtain software information.

  • Take a Peek at Competitors

    See what your competitors used to build their websites. Use Website Recon to compare technologies and upgrade when necessary to keep your users happy.

Better vulnerability discovery. Faster pentest reporting.

Get instant access to custom vulnerability scanners and automation features that simplify the pentesting process and produce valuable results. The platform helps you cover all the stages of an engagement, from information gathering to website scanning, network scanning, exploitation and reporting.

Pentest-Tools.com Website Recon Sample Report

Website Recon

Technical details

Reconnaissance is the first phase of a penetration test, in which the pentester finds as much information as possible about the target website.

The backend and frontend technologies used by the website can lead to constructing dedicated attack vectors in which the penetration tester exploits specific vulnerabilities of the identified software type and version.

For instance, if the Website Recon tool finds the following information about the target website:

  • CMS: WordPress 4.1
  • Server: Apache 2.2
  • Operating system: Linux

the next step would be to investigate if the specific version of the software is affected by known vulnerabilities (ex. version 4.1 of WordPress). If such vulnerability is found, the penetration tester can proceed to exploit the vulnerability. The operating system and the server information are also important to select the appropriate exploit to successfully compromise the system.

Parameters

ParameterDescription
Target URLIs the address of the website which will be searched for known technologies
Scan single websiteThe tool accesses a single URL and detects existing technologies (default option)
Scan IP addressThe tool first determines the open web ports on the target IP (80, 81, 8080, 443, 8443), then finds the DNS names (virtual hosts) associated with the IP, and lastly it initiates HTTP(S) connections to each port by using hostname previously discovered. For each of these combinations, the tool reports the web technologies identified

How it works

Website Recon uses Wappalyzer as a scanning engine. It has a consistent database of web application signatures which allows it to correctly identify over 900 web technologies from more than 50 categories.

The tool looks at multiple website elements to determine its technologies:

  • Server HTTP response headers
  • HTML Meta Generator tags
  • Embedded JavaScript files
  • HTML specific content
  • HTML specific comments
  • Website's favicon