Conference Hacklu SinFP3: More Than A Complete Framework For Operating System Fingerprinting

Tweet about this on TwitterDigg thisShare on RedditShare on Google+Share on FacebookEmail this to someoneShare on LinkedIn

We presented SinFP3 at hack.lu on 23rd of october. hack.lu was held in Luxembourg, Luxembourg, with around 200 attendees.

What is SinFP3

SinFP3 is a complete framework for network discovery. Its main purpose is to perform active fingerprinting, but it can also do passive fingerprinting. Both modes are available over IPv4 and IPv6. This new version introduces a plugin-based architecture, allowing anyone to develop their own tools around the framework.

The most important plugins are Input and Output ones. They allow you to specify how you acquire your targets (for instance: from a CSV file, an XML file or a database, …) and how you display the results (for instance: to a file, to a database, …). The default way of acquiring a target is through the Input::SynScan module, and the default way of displaying results is by using the Output::Console module.

Of course, you have many other kinds of modules, read the slides to know more.

Presentation slides

Slides may be found at the following link:

SinFP3, hack.lu, v1.0 (PDF)

This presentation was shorter than the one made at EuSecWest and ekopary. If you want more complete slides, you can gather them here:

SinFP3, EuSecWest and ekoparty, v1.1 (PDF)

Installing the tool

You can get the tool either by installing it from CPAN usually by just running this command as root:

# cpan Net::SinFP3

Or by following instructions available on the blog:

SinFP3 operating system fingerprinting tool released

Getting support

SinFP3 has its own mailing list for support:

SinFP mailing list

Tweet about this on TwitterDigg thisShare on RedditShare on Google+Share on FacebookEmail this to someoneShare on LinkedIn

Leave a Reply

Your email address will not be published. Required fields are marked *