Knowing what technologies power a website isn't just a curiosity — it's actionable intelligence. Whether you're sizing up competitors, qualifying sales leads, or auditing your own security posture, a tech stack detection API can automate what used to take hours of manual inspection.
In this post, I'll walk through three real-world use cases with Python code examples using the DetectZeStack API.
1. Competitive Analysis
The Problem
You need to understand what technologies your competitors are using — their frontend framework, hosting provider, analytics tools, CDN — but manually inspecting source code and HTTP headers across dozens of sites is tedious and error-prone.
The Solution
Batch compare competitors in one call:
import requests
headers = {
"X-RapidAPI-Key": "YOUR_API_KEY",
"X-RapidAPI-Host": "detectzestack.p.rapidapi.com",
"Content-Type": "application/json"
}
# Compare your site against competitors
response = requests.post(
"https://detectzestack.p.rapidapi.com/compare",
headers=headers,
json={"urls": ["yoursite.com", "competitor1.com", "competitor2.com"]}
)
data = response.json()
print("Technologies ALL sites share:", data["shared"])
for domain in data["domains"]:
print(f"\n{domain['domain']}:")
print(f" Total: {len(domain['technologies'])} technologies")
print(f" Unique: {domain['unique']}")
Track competitor changes over time:
Set up webhooks for competitor domains. Every time someone analyzes them, you'll receive a notification with their current tech stack — making it easy to spot when competitors adopt new frameworks or switch providers.
Example Insights
- "Competitor X switched from Heroku to AWS last month"
- "3 of 5 competitors use Next.js — industry trend?"
- "Competitor Y added Cloudflare CDN — they're scaling"
2. Lead Enrichment & Sales Intelligence
The Problem
Your sales team has a list of prospect companies but no insight into their technical sophistication. Cold outreach about "infrastructure optimization" falls flat when you don't know if they're on Heroku or bare-metal Kubernetes.
The Solution
Enrich CRM leads with technology data:
import requests
headers = {
"X-RapidAPI-Key": "YOUR_API_KEY",
"X-RapidAPI-Host": "detectzestack.p.rapidapi.com",
"Content-Type": "application/json"
}
# Your prospect list
prospects = ["prospect1.com", "prospect2.com", "prospect3.com",
"prospect4.com", "prospect5.com"]
# Batch analyze (up to 10 at a time)
response = requests.post(
"https://detectzestack.p.rapidapi.com/analyze/batch?format=csv",
headers=headers,
json={"urls": prospects}
)
# Save CSV directly to file for CRM import
with open("enriched_leads.csv", "w") as f:
f.write(response.text)
Segment leads by technology:
# Find all prospects using Shopify (potential e-commerce migration targets)
response = requests.post(
"https://detectzestack.p.rapidapi.com/analyze/batch",
headers=headers,
json={"urls": prospects}
)
shopify_users = []
for item in response.json()["results"]:
if item.get("result"):
tech_names = [t["name"] for t in item["result"]["technologies"]]
if "Shopify" in tech_names:
shopify_users.append(item["result"]["domain"])
print(f"Prospects using Shopify: {shopify_users}")
Example Insights
- Segment leads: "Companies using WordPress" vs "Companies using custom React apps" need different pitches
- Identify upsell opportunities: "They use basic shared hosting — ready for cloud migration"
- Qualify leads: "They already use AWS — likely technical enough for our developer tool"
3. Security Auditing
The Problem
Your security team needs to inventory the technologies across your organization's web properties. Outdated frameworks, known-vulnerable libraries, and misconfigured servers need to be identified before attackers find them.
The Solution
Scan all company domains:
import requests
headers = {
"X-RapidAPI-Key": "YOUR_API_KEY",
"X-RapidAPI-Host": "detectzestack.p.rapidapi.com",
"Content-Type": "application/json"
}
company_domains = [
"company.com", "app.company.com", "docs.company.com",
"blog.company.com", "status.company.com"
]
response = requests.post(
"https://detectzestack.p.rapidapi.com/analyze/batch",
headers=headers,
json={"urls": company_domains}
)
for item in response.json()["results"]:
if item.get("result"):
domain = item["result"]["domain"]
for tech in item["result"]["technologies"]:
# Flag technologies with CPE identifiers
# (can be cross-referenced with CVE databases)
if tech.get("cpe"):
print(f"[CPE] {domain}: {tech['name']} — {tech['cpe']}")
Use CPE identifiers for vulnerability lookups:
The API returns CPE (Common Platform Enumeration) identifiers when available. These can be cross-referenced with the NVD (National Vulnerability Database) to find known CVEs:
cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*
Monitor for technology changes:
Set up webhooks on critical domains. If someone adds a new analytics script or swaps out the CDN, you'll know immediately.
Example Insights
- "blog.company.com is running jQuery 2.x — known XSS vulnerabilities"
- "staging.company.com exposes Nginx version in headers — information leak"
- "marketing site switched SSL providers without security team approval"
Which Endpoints for Which Use Case
| Use Case | Primary Endpoint | Also Useful |
|---|---|---|
| Competitive analysis | POST /compare |
GET /history, POST /webhooks
|
| Lead enrichment | POST /analyze/batch |
GET /analyze (one-off lookups) |
| Security auditing | POST /analyze/batch |
GET /history, POST /webhooks
|
| Technology trends | GET /history |
POST /compare |
| Change monitoring | POST /webhooks |
GET /history |
Get started free (100 requests/month, no credit card): DetectZeStack on RapidAPI
DetectZeStack detects 3,800+ technologies using wappalyzer fingerprinting, DNS analysis, TLS certificates, and custom header matching.
Top comments (0)