Directory
Passive Fingerprinters
These products are designed to guestimate remote operating systems, their patch level, services and sometimes even vulnerabilities. Passive fingerprinting tools analyse communications to and from a remote host whilst it goes about it's normal business. Some Network IDS now have this capability and are referred to as Target IDS where the fingerprinting information is used to prioritise IDS alerts based upon the targets potential vulnerability to the detected attack. See also Active fingerprinting tools
RNA
Visit the Product SiteSourcefire Real-time Network Awareness (RNA) Sourcefire RNA is an innovative, passive sensing technology that provides real-time network intelligence to the Sourcefire 3Dâ„¢ System. RNA enables organizations to confidently protect their dynamic networ ...
SinFP
Visit the Product SiteSinFP - a Perl module to do active and passive OS fingerprinting SinFP is a new approach to OS fingerprinting, which bypasses limitations that nmap has. Nmap approaches to fingerprinting as shown to be efficient for years. Nowadays, with the omni-p ...
Ettercap
Visit the Product SitePassive scanning of the LAN: you can retrieve info about: hosts in the lan, open ports, services version, type of the host (gateway, router or simple host) and estimated distance in hops.
ARCHAEOPTERYX
Visit the Product SiteArchaeopteryx is a Passive mode OS Identification Tool. It is based off Siphon v.666 by SubTerrain. It has a great GUI and a highly configurable OS signature file. It uses POSIX threads for multi-threading (pthreads for Win32). Also requires WinPCAP Drive ...
Tenable Passive Vulnerability Scanner
Visit the Product SiteThe Tenable Passive Vulnerability Scanner (PVS) can find out what is happening on your network without actively scanning it. Each PVS monitors your network for vulnerable systems, watches for potential application compromises, client and server trust rela ...
Disco
Visit the Product SiteDisco is a passive IP discovery and fingerprinting utility designed to sit on segments distributed throughout a network to discover unique IP's on the network. In addition to IP discovery disco has the ability to passively fingerprint TCP SYN packets and ...
Satori
Visit the Product SiteSatori uses Winpcap and captures packets passively at the NDIS level, every packet flying by is scrutinised for information that might determine it's OS. It currently uses and parses the following protocols: CDP, DHCP, EIGRP, HPSP, HTTP, ICMP, IGMP ...
p0f New!
Visit the Product SiteP0f v2 is a versatile passive OS fingerprinting tool. P0f can identify the operating system on: - machines that connect to your box (SYN mode), - machines you connect to (SYN+ACK mode), - machine you cannot connect to (RST+ mode), - machin ...