p0f – Advanced Passive OS Fingerprinting Tool

Hacking Tools Network Hacking

It was a big breakthrough to have a passive OS-fingerprinting tool after relying on Nmap and Xprobe2 for the longest time.

OS fingerprinting is a very important part of a pen-test during the information gathering stage.

P0f v2 is a versatile passive OS fingerprinting tool. P0f can identify the operating system on:

*machines that connect to your box (SYN mode),
*machines you connect to (SYN+ACK mode),
*machine you cannot connect to (RST+ mode),
*machines whose communications you can observe.

P0f can also do many other tricks, and can detect or measure the following:

*firewall presence, NAT use (useful for policy enforcement),
*existence of a load balancer setup,
*the distance to the remote system and its uptime,
*other guy’s network hookup (DSL, OC3, avian carriers) and his ISP.

Donwload p0f v2 :
http://lcamtuf.coredump.cx/p0f.tgz
http://lcamtuf.coredump.cx/p0f-win32.zip (windows)

Leave a Reply