httprecon is a tool for advanced web server fingerprinting, similar to httprint that we mentioned previously.
The httprecon project is doing some research in the field of web server fingerprinting, also known as http fingerprinting. The goal is the highly accurate identification of given httpd implementations. This is very important within professional vulnerability analysis.
Besides the discussion of different approaches and the documentation of gathered results also an implementation for automated analysis is provided. This software shall improve the easiness and efficiency of this kind of enumeration. Traditional approaches as like banner-grabbing, status code enumeration and header ordering analysis are used. However, many other analysis techniques were introduced to increase the possibilities of accurate web server fingerprinting.
Besides the well-known enumeration of http response status codes and header-ordering several other fingerprinting mechanisms were introduced. For example the capitalization of header lines, the use of spaces and the structure of ETag values (e.g. length and quotes).
Features of httprecon – Advanced Web Server Fingerprinting tool
These are the main features of the current implementation of httprecon which makes this solution better than other tools of this kind:
- Many test-cases: There are nine test-cases possible
- HTTPS/SSL support: Secure web servers can be tested too
- Advanced result analysis: Different methods for the analysis of results is provided
- Many fingerprint details: The analysis is based on many fingerprint elements
- Plaintext Database: The fingerprint data is saved in a file-based plaintext database
- Fingerprint Wizard: Fingerprints can be saved and updated within the GUI
- IDS evasion mechanism: The configuration settings allow to use IDS evasion mechanisms
- Reporting: XML, HTML and TXT reporting is provided for professional testers
- Autoupdate: An autoupdate feature informs about new releases
- Open-source (GPLv3): Everyone can improve the application for themselves
This increases the number of fingerprints to distinguish the given implementation. Thus, the accuracy of the fingerprinting series is very high. Theoretically, httprecon 1.x is able to generate approx. 198 fingerprint atoms per full scan run (usually between 80 and 120 are given).
You can download httprecon 7.3 here:
Source (VB6) – httprecon-7.3.zip
Or read more here.