WhatWeb Scan

Use this online version of the WhatWeb tool to fingerprint your web application, web server and other technologies of a web page. The tool examines the web server HTTP Headers and the HTML source of a web page to determine technologies in use.

Security vulnerabilities in well known web applications and technologies are a common attack vector. Keeping your web applications and client side scripts up to date can reduce your risk of being hacked significantly.

Launch WhatWeb Web Site Scan
Login for Access to WhatWeb Web Site Scanning
Detect web technology in use passively.
Passive query against a web site to determine technologies in use.
Discover web server, web applications, javascript and geolocation.
Find vulnerable servers and applications from detected version.
Understand an organisations technological footprint and back-end systems.
Membership includes access to 27 Vulnerability Scanners and OSINT Tools
Trusted Open Source Tools

Membership is required for access; includes scanning batches of sites up to the daily scan limit. Immediate access is available to new members or login now if you already have an account.

Simplify Security Testing and Save
Hours in Tool Management
Passively fingerprint technologies in use
Useful for research and reconnaissance.
Over 250'000 scans performed last year.


About the WhatWeb Tool

Content management systems (CMS), blog technologies, analytics packages, javascript libraries, web server versions are just some of the technologies that can be identified with WhatWeb. When you visit a web address in your browser the raw source has many unseen pointers about the server and software that is running on the web site. WhatWeb parses this code and identifies known technologies.

With more than 250 plugins that identify technologies removing the Powered By reference may not be enough to obscure the technology being used.

Once an attacker has fingerprinted the technologies in use they can then move onto to exploiting them. By testing your system you can re-mediate and keep your technologies updated.

This is a non-intrusive scan, the system will download the web page and examine the HTML and HTTP header response.

The command line arguments used with the online Whatweb scan perform a passive analysis. For a full overview of the tool and the available options take a look at the project page.

Application fingerprint is the first step of the Information Gathering process; knowing the version and type of a running web server allows testers to determine known vulnerabilities and the appropriate exploits to use during testing.