WhatWeb Scan

BlindElephant website scannerUse this online version of the WhatWeb tool to fingerprint your web application, web server and other technologies of a web page. The tool examines the web server HTTP Headers and the HTML source of a web page to determine technologies in use.

Security vulnerabilities in well known web applications and technologies are a common attack vector. Keeping your web applications up to date can reduce your risk of being hacked significantly.

Launch WhatWeb Scanner

Access to scanning is restricted.

Basic Membership is required to use this online security scanner. Immediate access is available to new members or login now if you have a valid membership.

Member Login Scan Membership



This is a Passive Security Scan
The only traffic sent to the target is a simple HTTP request.
Accept Terms of Service

[/s2If]

  • Explore a website and determine web technologies in use. Including the web server, web applications, client based javascript and geolocation.
  • Find known vulnerable servers and applications from detected version numbers.
  • Understand an organisations technological footprint and back-end systems.



About the WhatWeb Tool

Content management systems (CMS), blog technologies, analytics packages, javascript libraries, web server versions are just some of the technologies that can be identified with WhatWeb. When you visit a web address in your browser the raw source has many unseen pointers about the server and software that is running on the web site. WhatWeb parses this code and identifies known technologies.

With more than 250 plugins that identify technologies removing the Powered By reference may not be enough to obscure the technology being used.

Once an attacker has fingerprinted the technologies in use they can then move onto to exploiting them. By testing your system you can re-mediate and keep your technologies updated.

This is a non-intrusive scan, the system will download the web page and examine the HTML and HTTP header response.

The command line arguments used with the online Whatweb scan perform a passive analysis. For a full overview of the tool and the available options take a look at the project page.

Application fingerprint is the first step of the Information Gathering process; knowing the version and type of a running web server allows testers to determine known vulnerabilities and the appropriate exploits to use during testing.