We saw in previous chapters that most web applications can be detected using their favicons. The md5 hash of the favicon for different versions can be compared to identify the version of Tomcat being used:

The following screenshot shows the hash in the OWASP favicon database list:

We can also maintain our favicon database to check for different versions of Apache Tomcat installations.