Technology Fingerprinting
50 points total
Measures how much of your technology stack is visible from public responses — server software, framework headers, debug indicators, and overall stack exposure profile.
Checks
| Check | Weight | What it measures |
|---|---|---|
| Stack Exposure Profile (tech_stack_exposure_profile) | 18 pts | Composite assessment of overall technology visibility across all response headers and content. |
| Server Header Disclosure (tech_server_header_disclosure) | 12 pts | Checks whether the Server response header reveals software name and version. |
| Framework Disclosure (tech_framework_disclosure) | 10 pts | Checks for X-Powered-By and similar headers that reveal application frameworks. |
| Debug Indicators (tech_debug_indicators) | 10 pts | Looks for debug mode signals, diagnostic headers (X-Runtime), and development artifacts in production. |
Pass / Warn / Fail Logic
Stack Exposure Profile
Pass if composite >= 0.9; warn if >= 0.45; fail otherwise.
Server Header Disclosure
Pass if generic or absent; warn if software identifiable; fail if version exposed.
Framework Disclosure
Pass if absent; warn if framework identifiable; fail if framework + version exposed.
Debug Indicators
Pass if no debug signals; warn on borderline signals; fail if debug mode detected.
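As an added illustration (not RedScore's own code), the pass/warn/fail rules for the three header-based checks above, applied to one response's header set in Python. The list of recognisable server products and the rule that any header name containing "debug" counts as a debug-mode signal are assumptions of this example, not rules stated on this page; the sample headers are constructed.

```python
import re

# Version token following "/" or a space, e.g. "nginx/1.18.0" or "Microsoft-IIS/10.0".
VERSION_RE = re.compile(r"(?<=[/ ])\d+(?:\.\d+)*")
# Assumption: a Server value naming one of these products is "software identifiable";
# any other value without a version is treated as generic.
KNOWN_SERVER_PRODUCTS = ("nginx", "apache", "iis", "litespeed", "caddy", "openresty")

def _header(headers: dict, name: str) -> str:
    """Case-insensitive lookup, since HTTP header names are case-insensitive."""
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value.strip()
    return ""

def server_header_check(headers: dict) -> str:
    """Pass if generic or absent; warn if software identifiable; fail if version exposed."""
    value = _header(headers, "Server")
    if not value:
        return "pass"
    if VERSION_RE.search(value):
        return "fail"
    if any(product in value.lower() for product in KNOWN_SERVER_PRODUCTS):
        return "warn"
    return "pass"

def framework_check(headers: dict) -> str:
    """Pass if absent; warn if framework identifiable; fail if framework + version exposed."""
    value = _header(headers, "X-Powered-By")
    if not value:
        return "pass"
    return "fail" if VERSION_RE.search(value) else "warn"

def debug_check(headers: dict) -> str:
    """Pass if no debug signals; warn on borderline (X-Runtime); fail if debug mode detected."""
    # Assumption: any header whose name contains "debug" is treated as a debug-mode signal.
    if any("debug" in key.lower() for key in headers):
        return "fail"
    if _header(headers, "X-Runtime"):
        return "warn"
    return "pass"

def evaluate(headers: dict) -> dict:
    """Run the three header-based checks over one response's header set."""
    return {"tech_server_header_disclosure": server_header_check(headers),
            "tech_framework_disclosure": framework_check(headers),
            "tech_debug_indicators": debug_check(headers)}

# Constructed sample headers (not captured from any real site): two fails and one warn.
SAMPLE_HEADERS = {"Server": "nginx/1.18.0", "X-Powered-By": "PHP/8.1.2", "X-Runtime": "0.012"}
print(evaluate(SAMPLE_HEADERS))
```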
Findings & How to Fix Them
These are the specific findings RedScore may report for this category, along with remediation guidance.
| Finding | What it means and how to fix it |
|---|---|
| debug_mode_detected | Debug mode appears enabled in production. This is the one technology-fingerprinting finding that can directly expose application internals, source paths, and session data. Disable it. |
| server_version_exposed | Server software and exact version are disclosed in response headers. Remove or genericize the Server header to reduce unnecessary information exposure. |
| framework_version_exposed | Application framework and exact version are disclosed via response headers. Remove X-Powered-By and similar version headers from your server configuration. |
| outdated_version_detected | An advertised software version appears behind current stable releases. Note: without CVE correlation this is an informational signal; plan upgrades on your own schedule. |
| server_software_identifiable | Server software type is identifiable from response headers. Consider genericizing the Server header; this is a low-priority hygiene item. |
| framework_header_present | Application framework is disclosed via response headers (e.g. X-Powered-By). Remove or genericize these headers to reduce stack visibility. |
| debug_borderline_signal | Diagnostic headers (e.g. X-Runtime) are visible in production responses. Confirm they are intentional; remove them if not needed. |
| high_stack_visibility | Multiple technology components are identifiable from public responses. Reducing overall stack visibility is a defence-in-depth hygiene measure. |