Conference Hacklu SinFP3: More Than A Complete Framework For Operating System Fingerprinting

We presented SinFP3 at hack.lu on 23rd of october. hack.lu was held in Luxembourg, Luxembourg, with around 200 attendees.

What is SinFP3

SinFP3 is a complete framework for network discovery. Its main purpose is to perform active fingerprinting, but it can also do passive fingerprinting. Both modes are available over IPv4 and IPv6. This new version introduces a plugin-based architecture, allowing anyone to develop their own tools around the framework.

The most important plugins are Input and Output ones. They allow you to specify how you acquire your targets (for instance: from a CSV file, an XML file or a database, …) and how you display the results (for instance: to a file, to a database, …). The default way of acquiring a target is through the Input::SynScan module, and the default way of displaying results is by using the Output::Console module.

Of course, you have many other kinds of modules, read the slides to know more.

Presentation slides

Slides may be found at the following link:

SinFP3, hack.lu, v1.0 (PDF)

This presentation was shorter than the one made at EuSecWest and ekopary. If you want more complete slides, you can gather them here:

SinFP3, EuSecWest and ekoparty, v1.1 (PDF)

Installing the tool

You can get the tool either by installing it from CPAN usually by just running this command as root:

# cpan Net::SinFP3

Or by following instructions available on the blog:

SinFP3 operating system fingerprinting tool released

Getting support

SinFP3 has its own mailing list for support:

SinFP mailing list

SinFP3 Research To Be Presented At Hacklu 2012

We will present operating system fingerprinting research at upcoming top security conference hack.lu 2012 in Luxembourg, Luxembourg (october 23rd to 25th 2012).

SinFP3 is a complete framework for network reconnaissance, with a primary focus on performing active and passive operating system fingerprinting. To have an overview of some features, see our blog post made as a teaser for conferences: Network vizualisation with SinFP3 and Ubigraph.

This presentation will be shorter than the one presented at ekoparty and EuSecWest. You can expect a new version release for this occasion.