Technology Detection¶
Escape ASM automatically identifies the technologies running on your assets — frameworks, libraries, web servers, databases, CMS platforms, and more. Each detected technology is linked back to the asset it was found on, giving you a complete view of your technology stack across the entire attack surface.
Why it matters: knowing exactly which technologies are deployed — and at which version — is the first step to identifying vulnerable dependencies and outdated software before attackers do.
Where Technologies Are Detected¶
Technologies are identified from multiple asset types using different detection techniques:
| Source Asset | Detection Method | Examples |
|---|---|---|
| Web Apps | HTTP fingerprinting, source map analysis, stack trace analysis | Frontend frameworks, JavaScript libraries, CMS platforms |
| REST APIs | HTTP fingerprinting, low-level protocol fingerprints | Web servers, application frameworks, programming languages |
| GraphQL APIs | HTTP fingerprinting, low-level protocol fingerprints | GraphQL engines, backend frameworks |
| Code Repositories | Dependency manifest analysis | All packages declared in lock files and dependency trees |
Every detected technology is linked to its parent asset — so you always know where a given technology is running and can trace findings back to the asset that introduced them.
Detection Techniques¶
Escape combines several complementary approaches to maximize detection coverage:
- HTTP Fingerprinting — Analyzes HTTP response headers, body content, and script references to identify deployed technologies. Covers 8,000+ technology signatures across 106 categories.
- Source Map Analysis — When source maps are exposed, Escape extracts dependency information directly from the bundled application code.
- Stack Trace Analysis — Error responses and stack traces are analyzed to reveal underlying frameworks and runtime environments.
- Low-Level Fingerprints — Protocol-level signals such as TLS banners, server behavior patterns, and byte signatures provide additional identification signals.
- Dependency Manifest Analysis — For connected code repositories, Escape parses package manifests and lock files to enumerate every declared dependency.
All detection is non-intrusive and agent-less — no software is installed on your infrastructure.
Packages vs Software¶
Detected technologies are classified into two categories:
| Category | What it represents | Examples |
|---|---|---|
| Package | A library or framework installed from a package registry | JavaScript libraries, Python packages, PHP packages, Ruby gems |
| Software | An application or infrastructure component deployed on the target | Web servers, databases, CMS, reverse proxies, operating systems |
This classification helps you understand both your application-level dependencies (packages) and your infrastructure footprint (software) in a single inventory.
Versions and Versionless Technologies¶
When Escape detects a technology, it attempts to determine the specific version in use.
- Versioned technologies — The exact version is identified (e.g. from HTTP headers, script filenames, or dependency manifests). This enables precise CVE matching against known affected version ranges.
- Versionless technologies — The technology is identified but no specific version could be determined. This is common for technologies that do not expose version information in their HTTP responses. Versionless technologies are still valuable: they map your technology stack and are matched against known vulnerabilities using standard product identifiers, though findings are reported with adjusted confidence.
In the platform, versioned technologies are displayed as technology@version while versionless technologies show the technology name alone.
Technology Enrichment¶
After initial detection, each technology is enriched with additional metadata:
- Description — A human-readable summary of what the technology is
- Reference URL — A link to the technology's official page or repository
- Standard Identifiers — Industry-standard product identifiers (CPE) that feed into CVE Scanning
This enrichment enables accurate vulnerability matching and helps security teams quickly understand what each technology does without leaving the platform.