Language, We can see some webapps that run in Java beacause the .jsp .jsf .do .faces extension is shown in urls, or .php for PHP, or .asp, aspx for .NET, but i some other is not displayed, like zoho.com/view/ZB_Main for example.
Does exists some technique for knowing that?
You can try to examine the HTML source for clues. Anything that has Viewstate in there and/or has gibberish for IDs is mostly likely .NET.
It is possible for a server technology to make itself completely ambiguous. However, many server technologies do add some trace of themselves to the Http Response. The best example I can give is the X-Powered-By header.
Most server technologies have an option NOT to send this header, but depending on how secretive the site you are looking at is, it may still be there.
Hope that helps,
Not really. It's easy to hide that sort of information in all kinds of ways. You can get some info from Netcraft, see e.g. Often such sites peek at the Server: tag from the webserver , like here
[21:49:33 0 ~] $ telnet localhost 80
Trying ::1...
Connected to localhost.
Escape character is '^]'.
HEAD / HTTP/1.0
HTTP/1.1 200 OK
Date: Tue, 18 Aug 2009 19:49:46 GMT
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8e DAV/2 PHP/5.2.9 SVN/1.6.4
Last-Modified: Tue, 23 Jun 2009 13:10:59 GMT
ETag: "7999-2c-46d03b8d078d0"
Accept-Ranges: bytes
Content-Length: 44
Connection: close
Content-Type: text/html; charset=UTF-8
Connection closed by foreign host.
Typically, this is because they're using a URL re-writing scheme to provide more helpful URLs - it also removes any lock to specific technologies. I have sene some cases where one scripting technology had its URLs rewritten to look like a different one, for backward URL compatibility.
There may be forensic info if you look in the headers (see also: Netcraft), there may be information in blog posts, there may be "powered by" logos, but generally I'd not recommend it being advertised too widely, just in case an exploit is published in the technology of choice...
The response headers are the most helpful. Looks for the Server or X-Powered-By headers being set.
Sometimes a page will have a Generator meta tag as well. This is anther place you can look.
Lastly, look at the footer of the pages. Some sites outrightly say what they're running on!
A webserver need not release any information to the outside world about what technology it uses, so there's no sure way. But there are clues as others have already mentioned. Another clue is if you get one of the standard error pages generated by the server-side scripting engine or by the server software itself.
But these are mere clues. A webserver can be configured to handle filename extensions practically as it likes; you could probably even configure one (or write your own) to process .php as Perl, use .asp to serve static PNG images and so on, make it go by the first letter of the filename, have it get both the file and the technology used to handle it out of a database, and so on. And even forge error pages in the style of some software your site doesn't run on, or add time delays to make you think it uses some slower technology or runs on a slower machine than it actually does....