loading
loading
Discovery
Identify the technologies running on websites, from CMS to JavaScript frameworks.
overview
wappalyzer fingerprints a website by reading its HTML, headers, cookies, and script tags and matching them against a large signature set. From one URL it reports the content management system, eCommerce platform, JavaScript frameworks, analytics packages, and web server behind the page.
It can stay on a single URL or follow links recursively to profile a whole site, with controls for crawl depth, request delay, and how many URLs to analyse before stopping. Output is JSON, so the technology map becomes structured data rather than a screenshot.
On Trickest, wappalyzer is a Discovery node that takes a URL and writes a folder and a file. Run it across a discovered host list to build a technology inventory, then route hosts running a specific stack into a scanner tuned for it.
use cases
Analyse a URL to learn the CMS, framework, analytics, and server behind it before deciding how to test it.
Run wappalyzer across discovered hosts and collect the JSON to map which stacks the estate runs.
Enable recursive crawling with a depth and URL cap so the analysis covers more than the landing page.
Use the JSON output to send hosts running a known-vulnerable platform into a targeted scanning workflow.
reference
| Name | Type | Flag | Description |
|---|---|---|---|
| url | STRING | · | URL to be analysed. |
| recursive | BOOLEAN | --recursive | Follow links on pages (crawler). |
| max-depth | STRING | --max-depth | Don't analyse pages more than num levels deep. |
| max-urls | STRING | --max-urls | Exit when num URLs have been analysed. |
| delay | STRING | --delay | Wait for ms milliseconds between requests. |
| pretty | BOOLEAN | --pretty | Pretty-print JSON output. |
| max-wait | STRING | --max-wait | Wait no more than ms milliseconds for page resources to load. |
| user-agent | STRING | --user-agent | Set the user agent string. |
Showing key inputs. wappalyzer exposes 12 inputs in total.
| Name | Type | Flag | Description |
|---|---|---|---|
| url | STRING | · | URL to be analysed |
| debug | BOOLEAN | --debug | Output debug messages |
| delay | STRING | --delay | Wait for ms milliseconds between requests |
| pretty | BOOLEAN | --pretty | Pretty-print JSON output |
| max-urls | STRING | --max-urls | Exit when num URLs have been analysed |
| max-wait | STRING | --max-wait | Wait no more than ms milliseconds for page resources to load |
| max-depth | STRING | --max-depth | Don't analyse pages more than num levels deep |
| recursive | BOOLEAN | --recursive | Follow links on pages (crawler) |
| batch-size | STRING | --batch-size | Process links in batches |
| user-agent | STRING | --user-agent | Set the user agent string |
| html-lines-limit | STRING | --html-max-rows | Limit the number of HTML lines processed |
| html-chars-per-line-limit | STRING | --html-max-cols | Limit the number of HTML characters per line processed |
example
# fingerprint example.com with a shallow recursive crawlwappalyzer https://example.com --recursive --max-depth 2 --max-urls 20 --delay 500 --pretty{ "urls": { "https://example.com/": { "status": 200 } }, "technologies": [ { "name": "Nginx", "categories": ["Web servers"] }, { "name": "React", "categories": ["JavaScript frameworks"] }, { "name": "Google Analytics", "categories": ["Analytics"] }, { "name": "OpenSSL", "categories": ["Security"] } ]}guidance
Use Wappalyzer to identify what a single site is built with. It is a deep, recursive fingerprinter for one target at a time. To detect technologies across a large host list at speed, use webanalyze or httpx tech-detect.
A Go port of Wappalyzer built for testing huge host lists fast.
Plugin-based identifier with adjustable aggression. Broader recon, similar fingerprinting goal.
Probes liveness and runs Wappalyzer-style tech detection inline at scale.
faq
related
Check whether a URL redirects to a masked 404 page.
Append lines to a file only if they are not already there.
Extract URLs and endpoints from Android APK files.
Visual inspection of websites across a large number of hosts.
Find suspicious files across a large set of AWS S3 buckets.
An automated tool that checks for backup artifacts that may disclose a web application's source code.
A URL feeds Wappalyzer, which fingerprints the stack and writes the detected technologies as a queryable output.
Facts on this page come from the live Trickest tool library.