Projects / p0f

p0f

p0f is a versatile passive OS and application fingerprinter, and a tool for detecting NAT/connection sharing. It is useful for penetration testing, routine network monitoring, and forensics, and to aid abuse detection tools such as IDSes, spam filters, or honeypots.

Tags
Licenses
Operating Systems
Implementation

Recent releases

  •  16 Jan 2012 22:02

    Release Notes: This complete rewrite adds a range of new TCP fingerprinting mechanisms, sophisticated NAT detection, HTTP inspection and fingerprinting, and updated signatures.

    •  06 Sep 2006 10:41

      Release Notes: New fingerprints were added. Diagnostic and statistics query mode and utilities were contributed. Other minor fixes were made.

      •  10 Aug 2006 14:45

        Release Notes: New fingerprints were added, including ones for Windows Vista. Support for older architectures was improved. The plugin query capability was improved. Minor bugfixes were made.

        •  09 Mar 2006 21:11

          Release Notes: New signatures, better logging, and various minor improvements. Fixes to compile on newer Linux distributions. A Cygwin port.

          •  13 Sep 2004 19:33

            Release Notes: Established connection fingerprinting (ACK mode) is now supported. 802.1Q VLAN support had been added. New fingerprints are available. Minor other tweaks have been added.

            Recent comments

            15 Nov 2010 10:28 fpreussner

            I'm looking for an up-to-date fingerprint collection. Is there one?

            Screenshot

            Project Spotlight

            OpenStack4j

            A Fluent OpenStack client API for Java.

            Screenshot

            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.