Resources: Website Information Gathering Tools

Netcraft Site Report
Provides detailed reports on websites including hosting provider, server type, uptime history, and technologies used.
DomainTools WHOIS Lookup
One of the most reliable WHOIS tools for domain ownership, registration dates, registrar info, and historical data.
Robtex
Powerful network analysis tool for DNS, IP, routing, and relationship mapping between domains and IPs.
Knock (GitHub)
Python-based tool for subdomain enumeration via wordlist — great for penetration testing.
Exploit-DB
A public repository of known exploits and vulnerabilities — valuable for red teamers and security analysts.

BuiltWith
Technology profiler that shows what frameworks, CMSs, eCommerce platforms, and analytics tools a website uses.
Shodan
A search engine for Internet-connected devices. Find exposed servers, webcams, IoT devices, and their vulnerabilities.
Censys
Internet-wide scanner for analyzing hosts, certificates, and services — used heavily in cybersecurity research.
SecurityTrails
Domain and IP intelligence tool with WHOIS, DNS records, historical data, and subdomain discovery.
VirusTotal
Analyze suspicious URLs, IPs, and files by scanning them across multiple antivirus engines.
SpyOnWeb
Investigate websites that share the same Google Analytics ID, IP address, or AdSense — useful for uncovering site networks.
Hunter.io
Discover and verify professional email addresses tied to a domain — excellent for outreach or OSINT.
Wappalyzer
Chrome/Firefox extension and web tool to detect technologies used on a site — from CMS to JS libraries.
WhatCMS
Quickly identifies which content management system (CMS) a website is running.
Nmap Online Scanner (via HackerTarget)
Use Nmap in the browser to scan for open ports and services — great for reconnaissance.
Sublist3r (GitHub)
A fast subdomain enumeration tool using OSINT and brute-force techniques.

Resources