So, y’all know how it is sometimes… You go digging through GitHub repos looking to see if anyone’s already made a tool to do a specific thing that you need to get done. Something simple and fast that doesn’t do a bunch of extra stuff. Lately, I’ve been wanting a quick way to peek at what sites have been built with without having to tab away from the terminal or poll some third party API. Just a straightforward command-line thing.
While poking around, I stumbled across a project that wrapped a Go implementation of Wappalyzer in a CLI. Sounds perfect, right? Go is fast, the command line is fast, and Wappalyzer does the thing that I need.
The old version worked alright — no complaints, really — but nothing on the project had been touched in three years. The Go version was old, libraries were way out of date, and honestly, relying on something that stale just feels… irresponsible?
Besides, the JSON output that the old version of the Wappalyzer CLI spit out didn’t include the domain name. Which made it slightly less useful when performing runs on a list of domains, which I’m possibly looking at doing.
Before I start talking about my fixes tho, here’s a quick note on how this tool works. When run, wappalyzer-cli fetches the target site via HTTP, pulling HTML, headers, JavaScript, etc. Then it uses a local database of known libraries, frameworks, and server technologies. No external API calls need to be made for analysis. All of this happens locally.
I consider this a massive win for privacy! The URLs you scan and site contents all stay on your machine. This means that you’re not feeding some rent seeking business that’ll most likely turn around and eventually funnel this data into some bullshit AI tool. On top of that, you can use this as much as you want without worrying about hitting any API rate limits.
Anyway, I decided to give this neglected tool a friendly bit of polish. I started by switching things to a more recent version of Go. Then I bumped all of the dependencies. Once that was done, I ensured that everything still ran. Finally, I hacked the domain name into to the JSON output. Now I’ll be able to tell which site each set of results belongs to in batch runs.
It’s still the same fast tool that it was before. It’s just a bit better now. If you want a quick, reliable site intelligence tool, go check out my updated version over on GitHub.
Feel free to kick the tires, open an issue, or send a pull request if you’re really feeling sassy. I’m still learning Go, so it might take a minute for me to figure out how to fix whatever bugs folks might surface, but I’m still happy to give it the old college try.
Leave a Reply