Showing posts with label Fingerprint. Show all posts
Showing posts with label Fingerprint. Show all posts

Monday, March 18, 2013

[WhatWeb] Scanner para Fingerprinting de una Web


WhatWeb es una herramienta que nos permite realizar Fingerprinting de una web.


WhatWeb tiene la particularidad de identificar webs que están realizadas con alguno de los CMS más populares como WordPress, Joomla!, phpBB o Drupal, además permite identificar versiones de librerías JavaScript, Geolocalización de dominios, identificación de etiquetas HTML, Servidores Web y más de 900 plugins para extender su funcionalidad.


A los que nunca utilizaron esta herramienta y quieren comenzar a entrar en las etapas de reconocimiento y fingerprinting, sus primeros pasos sin es utilizar WhatWeb.

Descarga WhatWeb
Repositorio  en GitHub
Web del Autor
The WhatWeb Wiki

Posted by at No comments:
Labels: , , , , , , ,

Friday, February 22, 2013

[BlindElephant] Web Application Fingerprinting


 During Black Hat USA 2010, Patrick Thomas presented a new web application fingerprinting tool called Blind Elephant.

BlindElephant %E2%80%93 Web Application Fingerprinting

The BlindElephant Web Application Finger-printer attempts to discover the version of a (known) web application by comparing static files at known locations against precomputed hashes for versions of those files in all all available releases. The technique is fast, low-bandwidth, non-invasive, generic, and highly automatically.

BlindElephant works via a new trendy technique of fetching static elements of the web app such as .js, .css, and other core files then running a check sum to compare sizes of those files from released versions.

BlindElephant is available via SVN here
svn co https://blindelephant.svn.sourceforge.net/svnroot/blindelephant/trunk blindelephant
Posted by at No comments:
Labels: , , , , , ,

Monday, December 24, 2012

[SQL Fingerprint] Christmas Release



Microsoft SQL Server fingerprinting can be a time consuming process, because it involves trial and error methods to determine the exact version. Intentionally inserting an invalid input to obtain a typical error message or using certain alphabets that are unique for certain server are two of the many ways to possibly determine the version, but most of them require authentication, permissions and/or privileges on Microsoft SQL Server to succeed. 

Instead, ESF.pl uses a combination of crafted packets for SQL Server Resolution Protocol (SSRP) and Tabular Data Stream Protocol (TDS) (protocols natively used by Microsoft SQL Server) to accurately perform version fingerprinting and determine the exact Microsoft SQL Server version. ESF.pl also applies a sophisticated Scoring Algorithm Mechanism (Powered by Exploit Next Generation++ Technology), which is a much more reliable technique to determine the Microsoft SQL Server version. It is a tool intended to be used by: 


This version is a completely rewritten version in Perl, making ESF.pl much more portable than the previous binary 

version (Win32), and its original purpose is to be used as a tool to perform automated penetration test. This version also includes the followingMicrosoft SQL Server versions to its fingerprint database:        

        • Microsoft SQL Server 2012 SP1 (CU1)
        • Microsoft SQL Server 2012 SP1
        • Microsoft SQL Server 2012 SP1 CTP4
        • Microsoft SQL Server 2012 SP1 CTP3
        • Microsoft SQL Server 2012 SP0 (CU4)
        • Microsoft SQL Server 2012 SP0 (MS12-070)
        • Microsoft SQL Server 2012 SP0 (CU3)
        • Microsoft SQL Server 2012 SP0 (CU2)
        • Microsoft SQL Server 2012 SP0 (CU1)
        • Microsoft SQL Server 2012 SP0 (MS12-070)
        • Microsoft SQL Server 2012 SP0 (KB2685308)
        • Microsoft SQL Server 2012 RTM


Download: http://code.google.com
Source: http://code.google.com/p/sql-fingerprint-next-generation
Posted by at No comments:
Labels: , , , , ,

Saturday, November 10, 2012

[NetSleuth] Open source Network Forensics And Analysis Tools

NetSleuth-Offline-Varied-2
NetSleuth identifies and fingerprints network devices by silent network monitoring or by processing data from PCAP files.

NetSleuth is an opensource network forensics and analysis tool, designed for triage in incident response situations. It can identify and fingerprint network hosts and devices from pcap files captured from Ethernet or WiFi data (from tools like Kismet).
It also includes a live mode, silently identifying hosts and devices without needing to send any packets or put the network adapters into promiscuous mode ("silent portscanning").
NetSleuth is a free network monitoring, cyber security and network forensics analysis (NFAT) tool that provides the following features:
  • An easy realtime overview of what devices and what people are connected to any WiFi or Ethernet network.
  • Free. The tool can be downloaded for free, and the source code is available under the GPL.
  • Simple and cost effective. No requirement for hardware or reconfiguration of networks.
  • “Silent portscanning” and undetectable network monitoring on WiFi and wired networks.
  • Automatic identification of a vast array of device types, including smartphones, tablets, gaming consoles, printers, routers, desktops and more.
  • Offline analysis of pcap files, from tools like Kismet or tcpdump, to aid in intrusion response and network forensics.
Posted by at No comments:
Labels: , , , ,
Subscribe to: Posts (Atom)