SinFP v2.00 Released – Next Generation OS Detection Tool


OS Fingerprinting is an important part of any penetration test or hack as it allows you focus your efforts a lot more effeciently when point testing, rather than throwing everything at a machine like a script kiddy would. So let’s introduce a new option, other than p0f and xprobe2.

SinFP uses the aforementioned limitations as a basis for tests to be obsolutely avoided in used frames to identify accurately the remote operating system. That is, it only requires one open TCP port, sends only fully standard TCP packets, and limits the number of tests to 2 or 3 (with only 1 test giving the OS reliably in most cases).

New for 2.00:

  • complete rewrite
  • sinfp.db completely reworked
  • new tests based on comparison between probe and response (TCP seq/ack comparison, IP ID value comparison)
  • new matching algorithm, works like a search engine (a problem of finding intersection, by applying a deformation mask on keywords) much more efficient than in 1.xx branch
  • possibility to manually pass a matching mask to change at will the matching algorithm
  • passive fingerprinting much more acurate thanks to new matching algorithm
  • possibility to launch P1P2P3 probes, or only P1P2 probes, or only P2 probe
  • match IPv6 signatures against IPv4 ones
  • API changes, not compatible with 1.xx version anymore
  • DB schema changes, not compatible with 1.xx version anymore
  • many bugfixes

To read more you can check out the SinFP Homepage.

You can download SinFP directly here.

Posted in: Hacking Tools, Networking Hacking

, , , , , , , , , ,


Latest Posts:


Sandcastle - AWS S3 Bucket Enumeration Tool Sandcastle – AWS S3 Bucket Enumeration Tool
Astra - API Automated Security Testing For REST Astra – API Automated Security Testing For REST
Astra is a Python-based tool for API Automated Security Testing, REST API penetration testing is complex due to continuous changes in existing APIs.
Judas DNS - Nameserver DNS Poisoning Attack Tool Judas DNS – Nameserver DNS Poisoning Attack Tool
Judas DNS is a Nameserver DNS Poisoning Attack Tool which functions as a DNS proxy server built to be deployed in place of a taken over nameserver to perform targeted exploitation.
dsniff Download - Tools for Network Auditing & Password Sniffing dsniff Download – Tools for Network Auditing & Password Sniffing
Dsniff download is a collection of tools for network auditing & penetration testing. Dsniff, filesnarf, mailsnarf, msgsnarf, URLsnarf, and WebSpy passively monitor a network
OWASP Amass - DNS Enumeration, Attack Surface Mapping & External Asset Discovery OWASP Amass – DNS Enumeration, Attack Surface Mapping & External Asset Discovery
The OWASP Amass Project is a DNS Enumeration, Attack Surface Mapping & External Asset Discovery tool to help information security professionals perform network mapping of attack surfaces.
Cameradar - Hack RTSP Video Surveillance CCTV Cameras Cameradar – Hack RTSP Video Surveillance CCTV Cameras
Cameradar is a Go-based tool to hack RTSP Video Surveillance CCTV Cameras, it can detect open RTSP hosts, detect device models and launch automated attacks.


Comments are closed.