you are here: home > security > tools > fingerprinting
Call trans opt: receveid. 9-18-99 14:32:31 REC:log>
WARNING: carrier anomaly
Trace program: running
> Welcome 38.107.191.99
16.03.2010 - 16:15 (15:15 GMT)
5orry, you have... NO MAIL.

Fingerprinting: The Complete Documentation

  • This category contains 19 Tools
  • The last tool was added on 2007-02-12 (YYYY-MM-DD)
  • Use the Source Lucie!!! >:)

 Amap -v4.8

Published on 2005-02-04 - by plasmoid, ©TheHackersChoice.

Amap is a next-generation scanning tool, it identifies applications and services even if they are not listening on the default port by creating a bogus-communication. Amap has a growning database of know applications also including non-ASCII based applications and even enterprise services.

 Disco -v1.2

Published on 2003-04-07 - by Preston Wood, ©Preston Wood.

Disco is a passive IP discovery and fingerprinting utility designed to sit on segments distributed throughout a network to discover unique IP's on the network. In addition to IP discovery disco has the ability to passively fingerprint TCP SYN packets using techniques detailed in a whitepaper from Lance Spitzner. The intention is for disco to discover IP's on the network, fingerprint the packet if necessary, and load into the Gherkin Scan Manager database for targeted host scans.

 FingerPrintFucker -

Published on - by |CyRaX| and FuSyS, ©The Packets Knighs.

FingerPrintFucker is an lkm for linux that changes the tcp/ip stack in order to emulate other os'es against tcp/ip fingerprinting. The package contains the lkm and a parser for the nmap file that let you choose directly the os you want. (of course.. it doesn't work with all the os'es :). This is a new version that fixes a remot denial of service. The module still has some problems. Don't use it on servers!

 Fuzzy Fingerprint -v0.8

Published on 2003-10-25 - by Plasmoid, ©The Hackers Choice.

Fuzzy fingerprinting (ffp) is a technique that extends common man-in-the-middle attacks by generating fingerprints that closely look like the target's public key fingerprint.

 IP Personality -

Published on 2002-08-18 - by Carl-Daniel Hailfinger, ©Carl-Daniel Hailfinger.

The IP Personality project is a patch to the Linux kernels that adds netfilter features: it enables the emulation of other OSes at the network level, thus fooling remote OS detection tools such as nmap that rely on network fingerprinting.

 iQ -

Published on - by Elie aka Lupin Bursztein, ©Elie aka Lupin Bursztein.

iQ uses ICMP flaw implementation to identify the remote OS. By crafting several packets, it creates an OS signature and compares it to its data-base.

 Libsf -v0.01b

Published on - by packetfactory, packetfactory.

Libsf is a stack fingerprinting library.

 Linux DISTribution FingerPrint -v0.1.4

Published on - by Scut, TESO Security Group.

Linux DISTribution FingerPrint, added raw mode to use scanlogs, new fingerprints etc. Send me new fingerprints please ;)

 Nmap -v3.70

Published on 2004-08-31 - by Fyodor, www.insecure.org.

Nmap ("Network Mapper") is an open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (ports) they are offering, what operating system (and OS version) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers, and both console and graphical versions are available. Nmap is free software, available with full source code under the terms of the GNU GPL.

 p0f -v1.8.3

Published on - by Michal Zalewski and William Stearns, ©Bill Stearns.

p0f performs passive OS fingerprinting technique bases on information coming from remote host when it establishes connection to our system. Captured packets contains enough information to determine OS - and, unlike active scanners (nmap, queSO) - it is done without sending anything to this host.

 p0f v2 -v2.0.5

Published on 2004 - by Michal Zalewski, ©Michal Zalewski.

P0f is quite useful for gathering all kinds of profiling information about your users, customers or attackers (IDS, honeypot, firewall), tech espionage (laugh...), active or passive policy enforcement (restricting access for certain systems or otherwise handling them differently; or detecting guys with illegal network hookups using masquerade detection), content optimization, pen-testing (especially with SYN+ACK and RST+ACK modes), thru-firewall fingerprinting... plus all the tasks active fingerprinting is suitable for. And, of course, it has a high coolness factor, even if you are not a sysadmin.

 Queso -v.

Published on - by The Apostols, The Apostols.

Remote O.S. detector. Sends obscure TCP pkts to determine remote OS. Fully configurable. Runs on Linux, Solaris and probably any OS with libpcap support.

 Siphon -v.666

Published on - by bind, bind.

The Siphon Project is a portable passive network mapping suite. In the latest public version, Siphon passively maps TCP ports and performs passive operating system detection. Through the magic of RFC ambiguity and programmer uniqueness, different machines exhibit telltale characteristics that enable Siphon to make a fairly accurate guess at what operating system is running on machines sending packets out over the wire. The beauty of this method is that our tool does not need to send out a slew of non-RFC compliant packets that trip intrusion detection systems. In fact, we send out no packets at all. Whereas nmap crashes some machines and network hardware when performing its active OS detection tests, Siphon would never crash remote

 Snacktime -

Published on - by Tod Beardsley, ©Tod Beardsley.

Franck Veysset, Olivier Courtay, and Olivier Heen of Intranode research noticed that one could fairly reliably detect a wide range of operating systems by timing the retransmission timeout lengths of the TCP handshake. Turns out, this is not only a surprisingly reliable, but has the potential to be extremely stealthy. Their proof-of-concept tool, RING, demonstrated this technique, and I reviewed their research for my GCIA Assignment #1, Ring out the old, RING in the new; see these papers for more in-depth analysis on how RTO timing works.Being that I'm a chimp, I'm much better with Perl than I am with C, so I ported the concepts over, and added on some extra passive fingerprinting techniques. The result is Snacktime # a half-open, half-passive OS Fingerprinting tool.

 Sprint -v0.41

Published on - by zillion, ©SafeMode.

Sprint is a simple TCP fingerprinting tool that can be used to remotely identify what operating system a host is running. Next to this functionality sprint has also the ability to calculate uptimes and contains advanced banner grepping functionality. In fact, if you run sprint with the -n switch it will similate netcraft.

 Vmap -v0.6

Published on 2003-08-10 - by , ©The Hacker's Choice.

Vmap stands for version mapper. It allows you to find out the version of a daemon by fingerprinting the features and replys of bogus commands. It's a great addition to the other *map tools.

 Winfingerprint -v0.5.13

Published on 2004-11-06 - by Kirby Kuehl, ©Kirby Kuehl.

Winfingerprint is a Win32 Host/Network Enumeration Scanner. Winfingerprint is capable of performing SMB, TCP, UDP, ICMP, RPC, and SNMP scans. Using SMB, winfingerprint can enumerate OS, users, groups, SIDs, password policies, services, service packs and hotfixes, NetBIOS shares, transports, sessions, disks, security event log, and time of day in either an NT Domain or Active Directory environment. Winfingerprint-cli is a command line version of winfingerprint and it is currently bundled with each release. As of version 0.5.13, Winfingerprint will utilize WinPcap for TCP SYN scans if it is present, otherwise TCP portscans will be non-blocking connect() based.

 Xprobe I -v0.0.2

Published on - by Fyodor Yarochkin and Ofir Arkin, Sys-Security.com.

Xprobe I combines various remote active operating system fingerprinting methods using the ICMP protocol, which were discovered during the "ICMP Usage in Scanning" research project, into a simple, fast, efficient and a powerful way to detect an underlying operating system a targeted host is using.

 Xprobe II -v2.0.2.2

Published on 2005-02-17 - by Fyodor Yarochkin and Ofir Arkin, Sys-Security.com.

Xprobe2 is an active operating system fingerprinting tool with a different approach to operating system fingerprinting. Xprobe2 rely on fuzzy signature matching, probabilistic guesses, multiple matches simultaneously, and a signature database.

Search:

Search:



This page is also available in the following languages:
| English |

Copyleft L0T3K, The Look of Love Research Alliance - 2001-2010
Fédération Anarchiste Interplanétaire --[ Collectif l'Histrion -- Groupe Carl Einstein ]

Emergency Contact: webmistress [AT&belle] l0t3k [CYPHERPUNK] org | Version: Alpha 0.5 "Angelique"

A Solaar System site dedicaced to Ada Byron King, Countess of Lovelace ; Edith Clarke ; Rosa Peter ; Grace Murray Hopper ; Alexandra Illmer Forsythe ; Evelyn Boyd Granville ; Margaret R. Fox ; Erna Schneider Hoover ; Kay McNulty Mauchly Antonelli ; Alice Burks ; Adele Goldstine ; Joan Margaret Winters...

L0T3K: Le Premier Féminin High-tech à vocation interplanétaire