passive fingerprinting | Darknet

October 13th, 2008

p0f – Advanced Passive OS Fingerprinting Tool

Ah can’t believe I haven’t posted about this one before, one of my favourite tools! It was a big breakthrough to have a passive OS-fingerprinting tool after relying on Nmap and Xprobe2 for the longest time.
OS fingerprinting is a very important part of a pen-test during the information gathering stage.
P0f v2 is a versatile passive [...]

May 14th, 2008

browserrecon – Passive Browser Fingerprinting

Most of todays tools for fingerprinting are focusing on server-side services. Well-known and widely-accepted implementations of such utilities are available for http web services, smtp mail server, ftp servers and even telnet daemons. Of course, many attack scenarios are focusing on server-side attacks.

Client-based attacks, especially targeting web clients, are becoming more and more popular. Browser-targeted [...]