Wappalyzer vs WhatRuns
Wappalyzer and WhatRuns are both Chrome extensions that tell you what technology a site uses. They overlap heavily, but WhatRuns is lighter and more consumer-oriented while Wappalyzer has the larger fingerprint database, the more-developer-ish UI and the better per-page depth. The real architectural difference — and the one most people don't notice until it matters — is that WhatRuns is backend-driven: each popup invocation sends the URL to WhatRuns servers for lookup. Wappalyzer's extension does its detection locally.
Context — which question are you really asking?
Both tools will give you a usable answer on a public page. The choice between them matters when you step off that happy path. Are you on your company's internal admin dashboard? Your staging environment? A customer's private preview URL? WhatRuns will still give you a nice popup, but it will have sent that URL to its servers, which is a data-handling detail you may need to explain to your security team. Wappalyzer — and Sourcemap Explorer — do their work locally. That difference alone often dictates the choice for developers working with anything non-public.
Head-to-head table
Architecture
Wappalyzer: Local-first extension: fingerprints are bundled in the extension, detection runs in the browser.
WhatRuns: Backend-driven: the extension sends the page URL to WhatRuns servers and receives the technology list in response.
This is the most underrated difference. On public sites it's invisible; on private sites it matters.
UI density
Wappalyzer: Detailed popup with category grouping and versions where the fingerprint can extract them.
WhatRuns: Cleaner, flatter list. Faster to scan, less information per scan.
Fingerprint database size
Wappalyzer: Thousands of technologies across 111 categories.
WhatRuns: Smaller curated set. Fewer but generally well-calibrated rules.
Change notifications
Wappalyzer: Not a first-party feature.
WhatRuns: Paid 'track technology changes' product with email alerts for marketing teams watching competitors.
Privacy
Wappalyzer: No per-lookup backend call (free extension). Paid API is a separate surface.
WhatRuns: Every popup invocation is a backend call with the URL.
WordPress depth
Wappalyzer: Handful of explicit plugin rules, CMS-level detection.
WhatRuns: Similar or slightly thinner.
Pricing
Wappalyzer: Free extension; paid API for bulk use.
WhatRuns: Free extension; paid change-alerts tier.
Pick by scenario
If you are: Developer on public web browsing who likes a clean UI
Pick: WhatRuns
For casual public-page use the backend call is a non-issue and the UI is faster to scan.
If you are: Developer who regularly hits internal admin dashboards and staging URLs
Pick: Wappalyzer or Sourcemap Explorer
You don't want those URLs going to a third-party SaaS on every popup. Local-only detection is the right default.
If you are: Marketing team tracking competitor tech changes via email alerts
Pick: WhatRuns (paid tier)
This is the one feature WhatRuns has that Wappalyzer doesn't at a similar price point.
If you are: Developer who wants deep per-page detail including exact versions
Pick: Sourcemap Explorer
Neither Wappalyzer nor WhatRuns reads sourcemaps, so neither gives you precise versions or ad-hoc package detection. Sourcemap Explorer does.
Verdict
A third option for developers: Sourcemap Explorer.
Free, local-first browser extension that pulls exact library versions from exposed sourcemaps, enumerates WordPress plugins, and isolates third-party trackers from your stack output.