[ad] Ah can’t believe I haven’t posted about this one before, one of my favourite tools! It was a big breakthrough to have a passive OS-fingerprinting tool after relying on Nmap and Xprobe2 for the longest time. OS fingerprinting is a very important part of a pen-test during the information gathering stage. P0f v2 is […]
fingerprinting
thc-Amap – Application Protocol Detection & Fingerprinting
[ad] thc-Amap (Application MAPper) is another excellent tool more towards banner grabbing and protocol detection than OS-fingerprinting. But from the services running on a machine you can get a good idea of the OS and the purpose of the server. Amap is a next-generation scanning tool for pentesters. It attempts to identify applications even if […]
Xprobe2 Download – Active OS Fingerprinting Tool
xprobe2 is an active operating system fingerprinting tool with a different approach to operating system fingerprinting. xprobe2 relies on fuzzy signature matching, probabilistic guesses, multiple matches simultaneously, and a signature database. As xprobe2 uses raw sockets to send probes, you must have root privileges in order for xprobe2 to be able to use them. Some […]
browserrecon – Passive Browser Fingerprinting
[ad] Most of todays tools for fingerprinting are focusing on server-side services. Well-known and widely-accepted implementations of such utilities are available for http web services, smtp mail server, ftp servers and even telnet daemons. Of course, many attack scenarios are focusing on server-side attacks. Client-based attacks, especially targeting web clients, are becoming more and more […]
Biometric Keylogger Can Grab Fingerprints
Well this is quite scary as biometrics are touted as the ultimate in security and two factor authentication with biometrics is about as ‘heavy’ as most places get. The fact that the biometric data can be ‘sniffed’ reconstructed and re-used…is worrying to say the least. Do any of you have biometric measures in your workplace? […]