Conferences EuSecWest and ekoparty – SinFP3: More Than A Complete Framework For Operating System Fingerprinting

We presented SinFP3 at EuSecWest on 19th of september, then at ekoparty on 21st of september. EuSecWest was held in Amsterdam, Holland, with around 50 attendees; and ekoparty was held in Buenos Aires, Argentina, with around 1200 attendees.

What is SinFP3

SinFP3 is a complete framework for network discovery. Its main purpose is to perform active fingerprinting, but it can also do passive fingerprinting. Both modes are available over IPv4 and IPv6. This new version introduces a plugin-based architecture, allowing anyone to develop their own tools around the framework.

The most important plugins are Input and Output ones. They allow you to specify how you acquire your targets (for instance: from a CSV file, an XML file or a database, …) and how you display the results (for instance: to a file, to a database, …). The default way of acquiring a target is through the Input::SynScan module, and the default way of displaying results is by using the Output::Console module.

Of course, you have many other kinds of modules, read the slides to know more.

Presentation slides

Slides may be found at the following link:

SinFP3, EuSecWest and ekoparty, v1.1 (PDF)

Installing the tool

You can get the tool either by installing it from CPAN usually by just running this command as root:

# cpan Net::SinFP3

Or by following instructions available on the blog:

SinFP3 operating system fingerprinting tool released

Getting support

SinFP3 has its own mailing list for support:

SinFP mailing list