Attack Surface Management
Created by trickest-mhmdiaa
Last updated 7/4/2024

Input Parameters

  • Header(s) to include in HTTP requests
  • web-servers (file, required): List of web servers

Outputs

web-technologies

Fingerprint Web Technologies

Description

Identify technologies running on a list of web servers. This module identifies different types of web technologies, including web server software, content management systems (CMS), content delivery networks (CDN), web application firewalls (WAF), and more.

Features

  • Identifies various types of web technologies.
  • Collects metadata about the identified technologies, including the version information and technology-specific locations (such as login panels).
  • Capable of processing tens of thousands of hosts simultaneously.

Inputs

Required

  • web-servers: a list of web server URLs
https://blog.example.com

Outputs

  • web-technologies: JSONLines records of web technology discovery details.
{"asset": "https://blog.example.com", "technology": "WordPress", "location": "https://blog.example.com/wp-admin/install.php", "version": "6.5.3", "version_status": "outdated", "latest_version": "6.8.2"}
{"asset": "https://blog.example.com", "technology": "Bootstrap"}
{"asset": "https://blog.example.com", "technology": "Cloudflare WAF", "location": "https://blog.example.com/?jbsmfoey=%3Cscript%3Ealert%28%22XSS%22%29%3B%3C%2Fscript%3E&xtrsrvgz=UNION+SELECT+ALL+FROM+information_schema+AND+%27+or+SLEEP%285%29+or+%27&tqvgazak=..%2F..%2F..%2F..%2Fetc%2Fpasswd", "context": "Cloudflare Inc."}

Changelog

  • v1.0.0
    • Initial release
  • v1.0.1
    • Added header input
  • v2.0.0
    • Added detection of outdated technologies across common categories, including web servers (e.g. Apache HTTP Server), language runtimes (e.g. PHP), and frameworks (e.g. ASP.NET).
      • When a version is successfully identified, it is added to the version field.
      • If outdated version checks are supported for the detected technology:
        • The latest known version is added to the latest_version field.
        • If the detected version is outdated, version_status is set to outdated.
        • If the detected version is current, version_status is set to up_to_date.
      • If the version cannot be determined or the technology is not supported for version checking, version_status is set to unknown.
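The version_status rules above can be checked when consuming the web-technologies output. The following is an added example, not part of the module or its documentation: a Python consumer that pulls out outdated findings for patch triage and flags records that break the documented field rules. The triage function, the treatment of a missing version_status as unknown, and the last two sample records are assumptions made for this example.

```python
import json
from collections import defaultdict

# Sample records: the first three follow the page's own examples (the Cloudflare
# WAF record's location is omitted); the last two are constructed error cases.
SAMPLE = """\
{"asset": "https://blog.example.com", "technology": "WordPress", "location": "https://blog.example.com/wp-admin/install.php", "version": "6.5.3", "version_status": "outdated", "latest_version": "6.8.2"}
{"asset": "https://blog.example.com", "technology": "Bootstrap"}
{"asset": "https://blog.example.com", "technology": "Cloudflare WAF", "context": "Cloudflare Inc."}
{"asset": "https://shop.example.com", "technology": "PHP", "version_status": "outdated"}
not-json
"""

KNOWN_STATUSES = {"outdated", "up_to_date", "unknown"}

def triage(jsonl_text):
    """Return (outdated, by_status, problems) for a web-technologies file."""
    outdated, problems = [], []
    by_status = defaultdict(list)
    for lineno, raw in enumerate(jsonl_text.splitlines(), 1):
        if not raw.strip():
            continue
        try:
            rec = json.loads(raw)
            asset, tech = rec["asset"], rec["technology"]
        except (json.JSONDecodeError, KeyError, TypeError):
            problems.append((lineno, "unparseable or missing asset/technology"))
            continue
        # Assumption: a record without version_status counts as "unknown".
        status = rec.get("version_status", "unknown")
        if status not in KNOWN_STATUSES:
            problems.append((lineno, f"unexpected version_status {status!r}"))
            continue
        # Per the changelog, "outdated" implies both version fields are set.
        if status == "outdated" and not (rec.get("version") and rec.get("latest_version")):
            problems.append((lineno, "outdated without version/latest_version"))
            continue
        by_status[status].append((asset, tech))
        if status == "outdated":
            outdated.append({"asset": asset, "technology": tech,
                             "version": rec["version"],
                             "latest_version": rec["latest_version"],
                             "location": rec.get("location")})
    return outdated, dict(by_status), problems

if __name__ == "__main__":
    found, counts, bad = triage(SAMPLE)
    for f in found:
        print(f"{f['asset']}: {f['technology']} {f['version']} -> {f['latest_version']}")
    print({k: len(v) for k, v in counts.items()}, bad)
```

Records listed in problems are worth reviewing by hand rather than dropping, since an outdated finding with no version fields cannot be prioritised automatically.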