So tracking is getting even trickier, it seems canvas fingerprinting would work in any browser that supports HTML5 and is pretty hard to stop as a user, as it’s a basic feature (a website instructing your browser to draw an image using canvas). And it turns out, every single browser will draw the image slightly […]
It’s been a while since the last major release of Nmap, the last time we reported on it was when Nmap v5.20 was Released (February 2010). The latest major version has just been released, version 6 – and is now available for download! For the two people on the planet who don’t know – Nmap […]
Tags: fingerprinting, fyodor, network fingerprinting, Network Hacking, network scanner, networking, nmap, nmap 6, nmap scanner, nmap tool, nmap-gui, os identification, os-detection, os-fingerprinting, port-scanner, port-scanning, release, releases, software, traceroute, udp port scanner, udp scanning, zenmap
Posted in: Hacking Tools, Network Hacking | Add a CommentNmap is of course of the most famous port scanners and hacking tools of all time, the last stable release was back in July 2009. For those that may not know, Nmap (“Network Mapper”) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although […]
Tags: fingerprinting, fyodor, network fingerprinting, Network Hacking, network scanner, networking, nmap, nmap scanner, nmap tool, nmap-gui, os identification, os-detection, os-fingerprinting, port-scanner, port-scanning, release, releases, software, traceroute, udp port scanner, udp scanning, zenmap
Posted in: Hacking Tools, Network Hacking | Add a CommentThis is a tool that performs version fingerprinting on Microsoft SQL Server 2000, 2005 and 2008, using well known techniques based on several public tools that identifies the SQL Version. The strength of this tool is that it uses probabilistic algorithm to identify the version of the Microsoft SQL Server. The “Microsoft SQL Server Fingerprint […]
Tags: data-security, database fingerprinting, database-security, fingerprinting, Hacking Tools, hacking-databases, microsoft sql, microsoft sql fingerprinting, microsoft sql fingerprinting tool, ms-sql, ms-sql fingerprinting, mssql, mssql fingerprinting, mssqlfp
Posted in: Database Hacking, Hacking Tools, Network Hacking | Add a CommentHow it works? WAFP fetches the files given by the Finger Prints from a webserver and checks if the checksums of those files are matching to the given checksums from the Finger Prints. This way it is able to detect the detailed version and even the build number of a Web Application. In detail? A […]
Ah can’t believe I haven’t posted about this one before, one of my favourite tools! It was a big breakthrough to have a passive OS-fingerprinting tool after relying on Nmap and Xprobe2 for the longest time. OS fingerprinting is a very important part of a pen-test during the information gathering stage. P0f v2 is a […]
thc-Amap (Application MAPper) is another excellent tool more towards banner grabbing and protocol detection than OS-fingerprinting. But from the services running on a machine you can get a good idea of the OS and the purpose of the server. Amap is a next-generation scanning tool for pentesters. It attempts to identify applications even if they […]
Sometimes I wonder to myself have I mentioned a certain tool on the site, usually one of my favourites…often I search the site to find I have never posted about it. It just goes to show how we often overlook some of the more ‘obvious’ choices, and to many people they may not be that […]
Tags: fingerprinting, information gathering, Network Hacking, nmap, os-detection, os-fingerprinting, penetration-testing, xprobe, xprobe2
Posted in: Hacking Tools, Network Hacking | Add a CommentMost of todays tools for fingerprinting are focusing on server-side services. Well-known and widely-accepted implementations of such utilities are available for http web services, smtp mail server, ftp servers and even telnet daemons. Of course, many attack scenarios are focusing on server-side attacks. Client-based attacks, especially targeting web clients, are becoming more and more popular. […]
Well this is quite scary as biometrics are touted as the ultimate in security and two factor authentication with biometrics is about as ‘heavy’ as most places get. The fact that the biometric data can be ‘sniffed’ reconstructed and re-used…is worrying to say the least. Do any of you have biometric measures in your workplace? […]
