wireghoul / lbmap

Advanced HTTP fingerprinting PoC

Home Page:http://www.justanotherhacker.com

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Proof of concept scripts for advanced HTTP fingerprinting, presented at
OWASP AppSecAsia 2012. These scripts should be considered a PoC or alpha quality.
Suggestions, recommendations, signatures, pathces and flames are welcome via
http://www.github.com/wireghoul/lbmap.

The following tools are included:

LBMAP
-----
lbmap is a fingerprinting tool aimed at detecting load balancers, reverse proxies,
web application firewalls and other web agents residing in front of web servers.

USAGE
lbmap [options] url

OPTIONS
--batch
--debug
--timeout
--version

lbmap is the early version of the PoC and tries to use individual requests to
fingerprint. lbmap2 is the improved version with support for passive detection,
signature based fingerprint and more. The tool currently dumps debugging output
of the fingerprinting process until a presentation format is decided.

APROF
-----
aprof is a fingerprinting tool capable of remotely detecting which modules an
Apache server has loaded.

USAGE
aprof [options] url

OPTIONS
--force
--timeout
--version

About

Advanced HTTP fingerprinting PoC

http://www.justanotherhacker.com

License:GNU General Public License v3.0


Languages

Language:Perl 85.1%Language:Shell 13.9%Language:Makefile 1.0%