Tools to check website what technologies it uses

If you want to find out what technologies a website is built with — such as CMS, frameworks, analytics tools, hosting provider, CDN, or server type — there are many reliable and widely used tools available.

This article lists the most credible and popular tools, grouped by use case, and explains when to use each one.

---

All-in-One Website Technology Detection Tools

These tools give a quick overview of a website’s tech stack.

🔹 Wappalyzer

👉 https://www.wappalyzer.com/

• Detects CMS, frameworks, JavaScript libraries, analytics, ads, CDNs, hosting
• Available as a browser extension, web app, and API
• Very accurate for frontend and SaaS tools

Best for: fast, general technology overview. Industry standard for tech stack detection.

---

🔹 BuiltWith

👉 https://builtwith.com/

• Shows technologies used now and historically
• Hosting, CMS, analytics, SSL, CDNs
• Popular for competitor and market analysis

Best for: business intelligence and historical data.

---

🔹 WhatRuns

👉 https://www.whatruns.com/

• Lightweight alternative to Wappalyzer
• Browser extension
• Clean and fast interface

Best for: quick checks with minimal overhead.

---

Hosting, Platform & Infrastructure Detection

These tools focus on where and how a site is hosted.

🔹 Netcraft Site Report

👉 https://sitereport.netcraft.com/

• Hosting provider
• Server OS
• DNS and SSL information
• Hosting history

Best for: infrastructure and platform identification. Highly trusted in security communities.

---

🔹 DNSDumpster

👉 https://dnsdumpster.com/

• DNS records
• Subdomains
• Infrastructure mapping

Best for: DNS and backend discovery.

---

🔹 SecurityHeaders

👉 https://securityheaders.com/

• HTTP security headers
• CSP, HSTS, TLS hints
• Indirect clues about server and platform

Best for: security posture and configuration checks.

---

Server, OS & Backend Fingerprinting

🔹 curl (Command Line)

curl -I https://example.com

Reveals:

• Web server (nginx, Apache, IIS)
• CDN and caching layers

Best for: low-level, reliable inspection.

---

🔹 Shodan

👉 https://www.shodan.io/

• Server OS
• Open ports
• Cloud provider
• Exposed services

Best for: internet-wide infrastructure analysis. Used by security researchers and SOC teams, hackers.

---

CMS & Framework Detection

🔹 WhatCMS

👉 https://whatcms.org/

• Identifies CMS platforms (WordPress, Drupal, Joomla, etc.)
• Sometimes detects versions

Best for: CMS identification.

---

🔹 WPScan (WordPress only)

👉 https://wpscan.com/

• Confirms WordPress usage
• Detects plugins, themes, versions
• Security-focused

Best for: WordPress audits and security checks.

---

Frontend & JavaScript Stack Analysis

Modern browsers such as Chrome, Brave, Edge, and Firefox include built-in Developer Tools (DevTools) that allow you to inspect how a website works from the inside. These tools are especially useful for detecting frontend frameworks, JavaScript libraries, APIs, and third-party services.

DevTools do not rely on signatures or databases — they show what is actually loaded and executed in your browser, making them one of the most reliable methods.

---

How to Open Developer Tools

Keyboard shortcuts

• Windows / Linux: F12 or Ctrl + Shift + I
• macOS: Cmd + Option + I

Right-click method

• Right-click anywhere on the page
• Select Inspect or Inspect Element

Browser menu

• Chrome / Brave / Edge / Opera:
  Menu → More Tools → Developer Tools
• Firefox:
  Menu → More Tools → Web Developer Tools

Once opened, DevTools usually appear docked to the right or bottom of the browser window.

---

Key DevTools Tabs and What to Look For

🔹 Elements tab (HTML & DOM)

What it shows

• Live HTML structure
• CSS styles
• Class names and attributes

What to look for

• Framework-specific attributes:
  • ng-* → Angular
  • data-reactroot, __reactFiber → React
  • data-v-* → Vue
• CMS markers:
  • wp-content, wp-admin → WordPress
• Repeated class naming patterns (Tailwind, Bootstrap)

Use case: Detect frontend frameworks and CMS hints.

---

🔹 Network tab

The Network tab reveals everything the site loads.

How to use it

1. Open DevTools
2. Go to Network
3. Reload the page (F5)

What to inspect

• JS files
  • react.production.min.js
  • vue.runtime.js
  • angular.js
• API calls
  • /api/
  • /graphql
• Third-party services
  • google-analytics.com
  • doubleclick.net
  • stripe.com
• CMS REST endpoints
  • /wp-json/ → WordPress REST API

Filters to use

• JS → JavaScript libraries
• XHR / Fetch → APIs and backend services
• Doc / Headers → server & CDN clues

Use case: Identify frameworks, APIs, analytics, ads, and SaaS tools.

---

🔹 Sources tab (JavaScript & Assets)

What it shows

• Loaded JavaScript files
• Source maps (sometimes unminified code)

What to look for

• Folder names:
  • webpack, vite, parcel
• Framework files:
  • react-dom
  • vuex
• App structure:
  • /static/js/
  • /assets/

Use case: Detect build tools and frontend architecture.

---

🔹 Console tab (Runtime Inspection)

The Console allows direct interaction with the page.

Useful checks

Try typing:

window.React
window.__REACT_DEVTOOLS_GLOBAL_HOOK__
window.angular
window.Vue

If these return objects (not undefined), the framework is present.

Other indicators

• Console warnings mentioning React, Vue, Angular
• Framework-specific error messages

Use case: Confirm framework presence beyond file names.

---

🔹 Application tab (Storage & PWA)

What it shows

• LocalStorage / SessionStorage
• Cookies
• IndexedDB
• Service Workers

What to look for

• wp-settings-* → WordPress
• Authentication tokens
• Service Workers → Progressive Web App (PWA)

Use case: Identify PWAs, authentication methods, and CMS storage.

---

🔹 Security tab

What it shows

• TLS/SSL status
• Certificate details

What to look for

• Certificate issuer (Cloudflare, Let’s Encrypt, AWS)
• Mixed content warnings

Use case: Validate HTTPS and hosting hints.

---

Using DevTools with Framework-Specific Extensions

For deeper inspection, install official DevTools:

• React DevTools
  https://react.dev/learn/react-developer-tools
• Vue DevTools
  https://devtools.vuejs.org/
• Angular DevTools
  https://angular.dev/tools/devtools

These tools confirm:

• Framework usage
• Component tree
• State management

---

Strengths and Limitations of DevTools

Strengths

• Shows real, loaded technologies
• No guessing or fingerprinting
• Excellent for modern SPAs

Limitations

• Backend stack often hidden
• Minified or bundled code can obscure details
• CDNs and proxies mask servers

Best for: confirming frontend frameworks and component structure.

---

Cloud, CDN & Performance Analysis

🔹 GTmetrix

👉 https://gtmetrix.com/

🔹 WebPageTest

👉 https://www.webpagetest.org/

• Performance metrics
• Loaded third-party scripts
• CDN and optimization hints

Best for: performance + tech insight combined.

---

SSL & TLS Analysis

🔹 SSL Labs

👉 https://www.ssllabs.com/ssltest/

• TLS versions
• Cipher suites
• Certificate chain

Best for: SSL/TLS verification. Considered the gold standard.