Sometimes I wonder to myself have I mentioned a certain tool on the site, usually one of my favourites…often I search the site to find I have never posted about it.
It just goes to show how we often overlook some of the more ‘obvious’ choices, and to many people they may not be that obvious. I’ll be going through the tools I use and posting them up here if I haven’t already.
Anyway one of the stock tools for any pen-tester is Xprobe usually known now as Xprobe2 – some of it’s logic has been absorbed into nmap and it’s basically an active OS fingerprinting tool meaning it sends actual data to the machine it’s fingerprinting rather than a passive tool like p0f which just listens.
Xprobe2 is a remote, active OS fingerprinting tool, the features are as below:
- Port scanning is now available through the usage of the -T (TCP) and -U (UDP) command line option
- Added the -B command line option (‘blind port guess’) used for searching an open TCP port among the following ports: 80,21, 25, 22, 139
- Include XSD schema with distribution and make our XML comply with that XSD
- loopback (lo) is supported
You can read more on Xprobe2 and what it does here:
Download Xprobe2 here:
Or read more here.