Wappalyzer technology discovery browser plugin

tedjames

Does anybody use the Wappalyzer browser plugin for website technology discovery?

https://www.wappalyzer.com/

Have you found it to be accurate?

Do you prefer another tool? Builtwith is good, but it works only on external sites (no intranet). Wappalyzer works both internally and externally.

chrisone

I have used it in the past and strangely was finding myself using it last night. I was trying to find out a drupal version and the tool only detected the major release 9 and not the subversion 9.1.0 etc. So I got my answer through checking the page source. 

I rarely use these page extension tools. I don't see myself looking for alternatives, wappalyzer does a good enough job for whatever my needs are. These tools usually just point me in the right direction before I do a full deep dive into the target page's technologies. 

tedjames

Thanks for the reply! I use it a lot, but I'm always looking for new tools that perform similar actions. Sometimes I want to confirm a finding with another tool.

Sometimes I can get what I want just using browser DevTools. Checking the source page is a good idea. Whatweb will sometimes find something useful, too.

yoba222

I use it all the time. Another tool I've recently discovered is to use Chrome/Chromium -> developer tools -> run a Lighthouse scan. Gives you all the vulnerable JavaScript libraries, etc. all in one place.

tedjames

I forgot about Lighthouse. I'll add that to my checklist. Thanks!

I also use the Retire.js plugin in my browser and in ZAP.