How It Works

A deep dive into Unveil's scanning process and analysis methodology.

Overview

Unveil employs a multi-stage analysis pipeline that examines web properties from multiple angles. Unlike simple scrapers, Unveil uses headless browser technology to render pages fully, observe JavaScript execution, and monitor network activity—mimicking how a real user would experience the site.

The entire process is designed to be non-invasive and safe. We only analyze publicly accessible content and never attempt authentication bypass, vulnerability exploitation, or access to protected resources.

Scan Pipeline

Every scan goes through five distinct stages:

1. Fetching

The initial HTTP request phase captures fundamental server information:

  • DNS resolution and IP address
  • TLS certificate details and validity
  • HTTP response headers
  • Initial HTML document
  • Server timing information

2. Rendering

A headless browser fully renders the page, executing all JavaScript:

  • JavaScript framework detection during hydration
  • CSS framework and design system identification
  • Build tool fingerprinting (Webpack, Vite, etc.)
  • DOM structure analysis
  • Resource loading patterns

3. Observing

Active monitoring captures runtime behavior:

  • Network requests (XHR, Fetch, WebSocket)
  • Third-party service integrations
  • Analytics and tracking implementations
  • Error handling and logging patterns
  • Dynamic content loading behavior

4. Scoring

Evidence markers are evaluated and weighted:

  • Positive signals (auth flows, API calls, state management)
  • Negative signals (placeholder content, static-only pages)
  • Neutral observations (analytics, basic security)
  • Category-specific scoring adjustments
  • Aggregate reality score calculation

5. Report Generation

All findings are compiled into a structured report:

  • Overall reality score and verdict
  • Summary bullets highlighting key findings
  • Detailed evidence with weights
  • Technology stack breakdown
  • Security posture assessment

Technical Approach

Heuristic Analysis
Unveil uses heuristic signals rather than definitive detection. Results represent probabilistic assessments, not absolute truths.

Our detection methodology combines multiple techniques:

Fingerprinting

We identify technologies through unique signatures in HTML comments, meta tags, script patterns, and global JavaScript variables. For example, React applications expose __REACT_DEVTOOLS_GLOBAL_HOOK__ or similar markers.

Behavioral Analysis

Beyond static analysis, we observe runtime behavior. A real application typically makes API calls, handles user events, and manages state. Marketing pages often lack these dynamic characteristics.

Pattern Matching

Common patterns indicate functionality level. Authentication flows, form submissions, data tables, and interactive elements suggest a working product rather than a static landing page.

Security Baseline

Production applications typically implement security headers and best practices. Missing HTTPS, outdated TLS, or absent security headers may indicate incomplete deployment or pre-production status.
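
One way to express the security baseline check described above, as an added example rather than Unveil's own code. It works on data the fetching stage already holds (URL, negotiated TLS protocol, response headers); the function name `assessBaseline` and the finding ids are hypothetical, and the sample responses are constructed.

```javascript
// Added example: baseline check over the URL, TLS protocol and response headers.
// Header names and TLS labels are the standard ones; finding ids are hypothetical.
const DEPRECATED_TLS = new Set(["SSLv3", "TLSv1", "TLSv1.1"]); // RFC 8996 deprecates TLS 1.0/1.1

function assessBaseline({ url, tlsProtocol, headers }) {
  // HTTP header names are case-insensitive, so normalise before lookup.
  const h = {};
  for (const [name, value] of Object.entries(headers)) h[name.toLowerCase()] = String(value);
  const findings = [];

  if (new URL(url).protocol !== "https:") {
    findings.push("no-https");
  } else {
    if (DEPRECATED_TLS.has(tlsProtocol)) findings.push("outdated-tls");
    // max-age=0 tells browsers to drop the HSTS entry, so treat it as absent.
    const maxAge = /max-age\s*=\s*"?(\d+)/i.exec(h["strict-transport-security"] || "");
    if (!maxAge || Number(maxAge[1]) === 0) findings.push("hsts-missing");
  }
  const csp = h["content-security-policy"] || "";
  if (!csp) findings.push("csp-missing");
  // Either X-Frame-Options or a CSP frame-ancestors directive restricts framing.
  if (!h["x-frame-options"] && !/(^|;)\s*frame-ancestors\s/i.test(csp)) {
    findings.push("framing-unrestricted");
  }
  // nosniff is the only defined value for this header.
  if ((h["x-content-type-options"] || "").trim().toLowerCase() !== "nosniff") {
    findings.push("nosniff-missing");
  }
  if (!h["referrer-policy"]) findings.push("referrer-policy-missing");
  return findings;
}

// Constructed sample responses (not real scan output).
const hardened = assessBaseline({
  url: "https://app.example.test/",
  tlsProtocol: "TLSv1.3",
  headers: {
    "Strict-Transport-Security": "max-age=31536000; includeSubDomains",
    "Content-Security-Policy": "default-src 'self'; frame-ancestors 'none'",
    "X-Content-Type-Options": "nosniff",
    "Referrer-Policy": "strict-origin-when-cross-origin",
  },
});
const staging = assessBaseline({
  url: "https://staging.example.test/",
  tlsProtocol: "TLSv1.1",
  headers: { "strict-transport-security": "max-age=0", "X-Frame-Options": "DENY" },
});
console.log(hardened, staging);
```

The TLS protocol strings match what Node's `tlsSocket.getProtocol()` returns, so the function can be fed directly from a fetch stage built on Node.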