Powered By Site Technology Tool

Powered By Help

What methods are used for determining the results?

Operating System
This is checked against the HTTP Header response for the Web Server and X-Powered-By banners. Another interesting tool we use, is the p0f passive analysis that checks for attributes in a TCP packet and compares that with its database of known web servers and operating systems.

Web Server
HTTP Header responses can be faked or made quite generic but not many people do this, the HTTP Header is a pretty good indicator of the web server in use.

Server Side Technology
Primarily the X-Powered-By banner as this will show ASP, PHP and other web server extensions.

Client Side Technology
For this item we parse the HTML output and look for known javascript that indicates the presence of such things as Jquery, Google Analytics and Sharing buttons.

Web Application
Similar to the Client Side item, we parse the HTML output and look for known attributes or meta data that indicates a web application in use; good examples are WordPress, Drupal and DotNetNuke installations.

Determine what a web site is powered by including details such as web server, web application, scripting languages and hosting provider.

About the Powered By Tool

An X-Powered By: banner in a HTTP server response typically reveals some information about a web server. In many open source content management systems and web based applications will reveal the software name sometimes version in the footer of a web page.

With this IP Tool we attempt to find that sort of information and a bit more from the HTTP Headers and the HTML code that comes back with the headers. Only the first page that you select will be analyzed for this data. The tool will attempt to determine the operating system, web server, web application, server side scripting languages, client side scripts in use, the location and details of the web servers hosting company based on IP Address netblock owner.

What would I use this tool for?

By determining what a web site is powered by you may be able to develop an understanding of the organizations information technology infrastructure. This sort of information may be useful for a number of reasons:

Penetration Testing
Should I work for this company?
Review competitors web infrastructure
Just for fun; What does the NSA use for a webserver? Does Microsoft have any Linux web servers?

About

Operating since 2007 HackerTarget.com provides the Internet community with on-line security scanning services that help to build a more secure Internet.

Our philosophy involves not only providing good Security Scanning Intelligence; but to also build awareness among users of the Internet about security best practice and keeping systems safe.

Launch scans from our external hosts against your infrastructure to test your Internet Security or even your intrusion detection and incident response capabilities.

White Papers from HackerTarget.com
Web Tech 2011 - Report
Automated Security Scanning Guide
Security from the Cloud Whitepaper
Don't Get Hacked! Whitepaper