Fingerprinting

Fingerprinting is the process of identifying the specific software, versions, configurations, and technologies used by a target system. This information helps attackers find known vulnerabilities and tailor their attacks.

Fingerprinting Types

Web Application Fingerprinting

# Headers reveal technology
X-Powered-By: PHP/7.4.3
Server: Apache/2.4.41 (Ubuntu)
X-AspNet-Version: 4.0.30319

# URL patterns
/wp-admin/          → WordPress
/administrator/     → Joomla
/user/login         → Drupal

# File signatures
/wp-includes/js/jquery/jquery.js
/media/system/js/mootools.js
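
A defender can run the same header check against their own responses to see what they disclose. The following is an added example, not part of the original page: it parses a raw response head and lists the headers that leak a product or version. The function names and the sample responses (constructed from the header values shown above) are assumptions.

```python
import re

# Headers that disclose the stack by their presence alone (names from the page).
ALWAYS_DISCLOSING = {"x-powered-by", "x-aspnet-version"}
# Heuristic: a product token followed by a version, e.g. "Apache/2.4.41".
VERSION_TOKEN = re.compile(r"[A-Za-z][\w.-]*/\d+(?:\.\d+)*")


def parse_headers(raw):
    """Parse a raw HTTP response head into a list of (name, value) pairs."""
    lines = raw.replace("\r\n", "\n").strip().split("\n")
    pairs = []
    for line in lines[1:]:  # skip the status line ("HTTP/1.1 200 OK")
        if not line.strip():
            break  # a blank line ends the header block
        name, sep, value = line.partition(":")
        if sep:
            pairs.append((name.strip(), value.strip()))
    return pairs


def audit_headers(raw):
    """Return (header, disclosed_detail) for every header that leaks stack info."""
    findings = []
    for name, value in parse_headers(raw):
        tokens = VERSION_TOKEN.findall(value)
        if tokens:
            findings.extend((name, token) for token in tokens)
        elif name.lower() in ALWAYS_DISCLOSING:
            # No product/version token, but the header itself names the stack.
            findings.append((name, value))
    return findings


# Constructed sample responses: one verbose, one with banners trimmed.
SAMPLE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache/2.4.41 (Ubuntu)\r\n"
    "X-Powered-By: PHP/7.4.3\r\n"
    "X-AspNet-Version: 4.0.30319\r\n"
    "Content-Type: text/html; charset=UTF-8\r\n\r\n"
)
HARDENED = "HTTP/1.1 200 OK\r\nServer: Apache\r\nContent-Type: text/html\r\n\r\n"

if __name__ == "__main__":
    for header, detail in audit_headers(SAMPLE):
        print(f"{header}: discloses {detail}")
```

An empty result for a response, as with `HARDENED`, means none of these banner headers reveal a version.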

Operating System Fingerprinting

# TCP/IP stack differences
$ nmap -O example.com

# Default initial TTL values hint at the OS (the observed TTL is lower by one per router hop):
64  → Linux
128 → Windows
255 → Cisco/network device

Service Fingerprinting

# Nmap service version detection
$ nmap -sV -p 1-1000 example.com

PORT     STATE SERVICE  VERSION
22/tcp   open  ssh      OpenSSH 8.2p1
80/tcp   open  http     nginx 1.18.0
443/tcp  open  ssl/http nginx 1.18.0
3306/tcp open  mysql    MySQL 5.7.31

Fingerprinting Tools

  • WhatWeb: Web technology identification
  • Wappalyzer: Browser extension for tech detection
  • Nmap: OS and service detection
  • Shodan: Internet-wide device fingerprinting
