Giters

aalex954 / HTTP-Fingerprinting-Server

Simple Python web server for HTTP request and browser fingerprinting with whitelist and callback functionality.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

browser-fingerprintbrowser-fingerprintingenumerationfingerprintfingerprint-scannerfingerprintinghttphttp-serverinformation-gatheringosintosint-pythonosint-toolpentestingpythonpython3recon

HTTP-Fingerprinting-Server

A Python3 web server that allows only targeted IPs and attempts to fingerprint the incoming requests by capturing connection and browser information.

The hosted HTML contains JS which will POST additional data about the browsers capabilities back to the server.

fingerprinting_server_diagram

Logged Data

  • IP
  • sec-ch-ua
  • sec-ch-ua-mobile
  • sec-ch-ua-platform
  • DNT
  • userAgent
  • screenResolution
  • installedFonts
  • browserPlugins
  • timezone
  • language
  • colorDepth
  • platform
  • User Activity via mousemoved js event listener

and more.

Setup

  • Place a whitelist.txt file at the root of the project and populate it with IPv4 or 6 address ranges in CIDR notation (/24) and new line deliniated.

  • Set a GUID for the GET handler, POST handler, and in the sample_site.html postback.

  • Send a link to the target and wait to see target details in the access.log file.

Target Scoping

Whitelisting

Add IP v4 and v6 addresses to the whitelist.txt file to target the logs and to reduce noise from bots and crawlers.

GUID for Routes

Using GUIDs for GET and POST routes will greatly reduce the number of bots and crawlers hitting your endpoints and dirtying up the logs.

About

Simple Python web server for HTTP request and browser fingerprinting with whitelist and callback functionality.

browser-fingerprintbrowser-fingerprintingenumerationfingerprintfingerprint-scannerfingerprintinghttphttp-serverinformation-gatheringosintosint-pythonosint-toolpentestingpythonpython3recon

Languages

Language:HTML 62.5%Language:Python 37.5%