Newest Listing

Top Rated

Most Popular

Passive FingerprintersRSS

Passive OS/Vulnerability Fingerprinting Applications

 These products are designed to guestimate remote operating systems, their patch level, services and sometimes even vulnerabilities.  Passive fingerprinting tools analyse communications to and from a remote host whilst it goes about it's normal business. Some Network IDS now have this capability and are referred to as Target IDS where the fingerprinting information is used to prioritise IDS alerts based upon the targets potential vulnerability to the detected attack.

 

See also Active fingerprinting tools

RNA

★★★★★

Visit the Product Site

Sourcefire Real-time Network Awareness (RNA) Sourcefire RNA is an innovative, passive sensing technology that provides real-time network intelligence to the Sourcefire 3D™ System. RNA enables organizations to confidently protect their dynamic networks ...

VendorSourcefire, Inc
Pricing ModelCommercial
Modified

Visit the Product Site

SinFP - a Perl module to do active and passive OS fingerprinting SinFP is a new approach to OS fingerprinting, which bypasses limitations that nmap has. Nmap approaches to fingerprinting as shown to be efficient for years. Nowadays, with the omni-p ...

VendorGomoR
Pricing ModelFreeware
Modified

Visit the Product Site

Passive scanning of the LAN: you can retrieve info about: hosts in the lan, open ports, services version, type of the host (gateway, router or simple host) and estimated distance in hops.

VendorAlberto Ornaghi, Marco Valleri
Modified

Visit the Product Site

Archaeopteryx is a Passive mode OS Identification Tool. It is based off Siphon v.666 by SubTerrain. It has a great GUI and a highly configurable OS signature file. It uses POSIX threads for multi-threading (pthreads for Win32). Also requires WinPCAP Drive ...

VendorNT4
Pricing ModelFreeware
Modified

Visit the Product Site

The Tenable Passive Vulnerability Scanner (PVS) can find out what is happening on your network without actively scanning it. Each PVS monitors your network for vulnerable systems, watches for potential application compromises, client and server trust rela ...

VendorTenable Network Security Inc
Pricing ModelCommercial
Modified

Visit the Product Site

Disco is a passive IP discovery and fingerprinting utility designed to sit on segments distributed throughout a network to discover unique IP's on the network. In addition to IP discovery disco has the ability to passively fingerprint TCP SYN packets and ...

VendorLinux, BSD
Pricing ModelFreeware
Modified

Visit the Product Site

Satori uses Winpcap and captures packets passively at the NDIS level, every packet flying by is scrutinised for information that might determine it's OS.   It currently uses and parses the following protocols:  CDP, DHCP, EIGRP, HPSP, H ...

VendorWindows
Pricing ModelFreeware
Modified

p0f

Visit the Product Site

P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way. Version 3 ...

VendorMichal Zalewski (lcamtuf@coredump.cx)
Pricing ModelFreeware
Modified

Visit the Product Site

PRADS is a Passive Real-time Asset Detection System. It passively listen to network traffic and gathers information on hosts and services it sees on the network. This information can be used to map your network, letting you know what services and hosts ar ...

VendorOpen Source community
Pricing ModelOpen Source
Modified

Visit the Product Site

NetSleuth is a free network forensics and pcap file analyser. It provides offline analysis for incident response, and live "silent portscanning" functionality. Features: An easy realtime overview of what devices and what people are connected to any Wi ...

VendorNetGrab
Pricing ModelOpen Source
Modified