Security Recon
Reveal web technologies and version numbers. Reconnaissance at scale for security assessments.
Technology fingerprinting
Framework Detection
Identify web frameworks, CMS platforms, and application servers. Know what you're dealing with.
Version Numbers
Detect software versions where exposed. Critical for vulnerability assessment.
Third-Party Scripts
Analytics, trackers, widgets, payment processors. Full inventory of external dependencies.
Infrastructure
CDN, hosting provider, DNS, SSL certificate details. Understand the full stack.
Security workflows
Penetration Testing
Fast reconnaissance phase. Know the tech stack before starting your assessment.
Bug Bounty
Scope targets quickly. Find programs running vulnerable software versions.
Vendor Risk Assessment
Audit your vendors' tech stacks. Identify supply chain risks.
Attack Surface Monitoring
Track your own infrastructure. Get alerted when tech changes.
Reconnaissance at scale
Single lookups are free. But security teams need bulk capabilities.
With what-stack API, you can:
- Query 100,000+ domains in bulk
- Filter by specific technologies or versions
- Export to your security tools
- Set up monitoring alerts for changes
Responsible use
What-Stack is designed for legitimate security research, authorized penetration testing, and defensive security operations. Use responsibly and within applicable laws and regulations.