gbrindisi / wordpot

A Wordpress Honeypot

Home Page: http://brindi.si/g/projects/wordpot.html

ident a wordpot

gregtampa opened this issue · comments

After scanning a server I can see the webserver info is Werkzeug/0.10.4 Python/2.7.3
So if I see this I know not to "hack" it and it's a trap...
Is there a way to change the info for the webserver identifying itself?

I do see: SERVER = 'Apache/2.2.22 (Ubuntu)' # Custom server header
but this is not being shown. Let me check my configs.

OK, it seems someone already added custom header support. I will patch.

It's been added here: ca12cb5

Nonetheless the anti fingerprint is very basic and could use some improvements, if you have ideas or patches feel free to send them my way.

Cheers ✨

I updated init.py and wordpot.conf files with the new code.
I still get the Werkzeug/0.10.4 Python/2.7.3, I will pull a complete repo and test.
The tool I'm using to get the identity is very good, to be fair on the test.
I'll post my results in a few minutes if I don't break my MHN integration.

What tool is it?

Also I doubt this patch has been pushed to MHN yet. cc: @jt6211

I'm using Cobalt Strike to do my scans.
No, MHN has not updated. I'm trying to update myself but got an error, debugging now.

Issue has been resolved. If anyone wants to update this to MHN that would be nice.
If you run MHN you can just clone this git and copy the env folder in.

MHN updated https://github.com/threatstream/wordpot/pull/2. Thanks.

Sensor can be updated like this:

cd /opt/wordpot
sudo git fetch origin
sudo git merge origin/master
sudo supervisorctl restart wordpot
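
Added example, not part of the thread and not wordpot's or MHN's own code: a WSGI-layer override of the Server header together with a header audit a sensor operator can run after updating, using the two banners quoted in this issue. The names ServerBanner, audit_headers, respond and demo_app are hypothetical, and demo_app is a constructed stand-in for the decoy application.

```python
import re

EXPECTED = "Apache/2.2.22 (Ubuntu)"            # decoy banner quoted in the issue
LEAK = re.compile(r"werkzeug|python", re.I)    # stack names seen in the leaked banner


class ServerBanner:
    """Hypothetical WSGI middleware: force a single Server header with the decoy value."""

    def __init__(self, app, banner):
        self.app, self.banner = app, banner

    def __call__(self, environ, start_response):
        def patched(status, headers, exc_info=None):
            kept = [(k, v) for k, v in headers if k.lower() != "server"]
            return start_response(status, kept + [("Server", self.banner)], exc_info)
        return self.app(environ, patched)


def audit_headers(headers, expected=EXPECTED):
    """Return findings for a response's header list; an empty list means it passes."""
    servers = [v for k, v in headers if k.lower() == "server"]
    findings = []
    if not servers:
        findings.append("no Server header")
    if len(servers) > 1:
        findings.append("duplicate Server headers")
    for value in servers:
        if LEAK.search(value):
            findings.append("stack banner leaked: " + value)
        elif value != expected:
            findings.append("unexpected banner: " + value)
    return findings


def respond(app):
    """Call a WSGI app in-process and return the headers it passed to start_response."""
    captured = []
    def start_response(status, headers, exc_info=None):
        captured[:] = headers
    list(app({"REQUEST_METHOD": "GET", "PATH_INFO": "/"}, start_response))
    return captured


def demo_app(environ, start_response):
    # Constructed stand-in for a decoy page served with the stack's default banner.
    start_response("200 OK", [("Content-Type", "text/html"),
                              ("Server", "Werkzeug/0.10.4 Python/2.7.3")])
    return [b"<html></html>"]
```

The in-process check only covers headers set at the WSGI layer; run the same audit against the headers returned by the live sensor over HTTP, since the HTTP server underneath the application can stamp its own banner.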