Giter VIP home page Giter VIP logo

fingerprint-scanner-research's Introduction

fingerprint-scanner-research

常见开源指纹识别/web高危组件识别/hw all in one扫描/ 等项目调研

大家有常用的工具可提issue

开源指纹识别项目调研

fingerprint-scanner-research's People

Contributors

timwhitez avatar

Stargazers

fifteen avatar avatar avatar avatar M1k0er avatar

Watchers

avatar avatar

Forkers

gkfnf

fingerprint-scanner-research's Issues

调研

调研以爬虫结合被动指纹识别为主
主动发包识别为辅的识别方案

调研多种指纹归类(采样)方案

项目名称: WhatWeb

项目名称: WhatWeb
项目地址:https://github.com/urbanadventurer/WhatWeb
开发语言:Ruby
指纹数量:1800
识别原理:HTML and HTTP headers等的hash或者关键词

Title - The HTML Page Title
MD5 hash
Header hash
Footer hash
Meta generator tag name
Uncommon HTTP headers
Tag-hash (Hash of the HTML tag pattern)

优点:可被动也可主动
缺点:ruby使用不是很方便

项目名称: EHole

项目名称: EHole
项目地址:https://github.com/EdgeSecurityTeam/EHole
开发语言:Golang
指纹数量:?
识别原理:

关键字匹配:
{
		"cms": "seeyon",
		"method": "keyword",
		"location": "body",
		"keyword": ["/seeyon/USER-DATA/IMAGES/LOGIN/login.gif"]
}

faviconhash匹配:
{
		"cms": "CapRover",
		"method": "faviconhash",
		"location": "body",
		"keyword": ["988422585"]
}

优点:keyword支持多关键字匹配,需要所有关键字匹配上才能识别
缺点:没代码

项目名称: wappalyzer

项目名称: wappalyzer
项目地址:https://github.com/AliasIO/wappalyzer
开发语言:原项目JS,使用可以Python,JS,Golang
指纹数量:(https://github.com/aliasio/wappalyzer/blob/master/src/technologies.json)
识别原理:从http response,headers,favicon等多个角度进行匹配

"Example": {
  "description": "A short description of the technology.",
  "cats": [
    "1"
  ],
  "cookies": {
    "cookie_name": "Example"
  },
  "dom": {
    "#example-id": {
      "exists": "",
      "attributes": {
        "class": "example-class"
      },
      "properties": {
        "example-property": ""
      },
      "text": "Example text content"
    }
  },
  "dns": {
    "MX": [
      "example\\.com"
    ]
  },
  "js": {
    "Example.method": ""
  },
  "excludes": "Example",
  "headers": {
    "X-Powered-By": "Example"
  },
  "html": "<link[^>]example\\.css",
  "css": "\\.example-class",
  "robots": "Disallow: /unique-path/",
  "implies": "PHP\\;confidence:50",
  "requires": "WordPress",
  "meta": {
    "generator": "(?:Example|Another Example)"
  },
  "script": "example-([0-9.]+)\\.js\\;confidence:50\\;version:\\1",
  "url": "example\\.com",
  "xhr": "example\\.com",
  "oss": true,
  "saas": true,
  "pricing": ["medium", "freemium", "recurring"],
  "website": "https://example.com",
}

优点:个人觉得最好的被动指纹识别
缺点:待补充

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.