Web application fingerprinting is the main part of the information gathering stage in security assessment. It helps us to accurately identify an application and to pinpoint known vulnerabilities. This also allows us to customize payload or exploitation techniques based on the information. The simplest method is to open the site in the browser and look at its source code for specific keywords. Similarly, with Python, we can download the page and then run some basic regular expressions, which can give you the results.
We can download the website with the urllib
/requests
module in combination with BeautifulSoup or lxml, as we discussed in this chapter.