[WEB SECURITY] httprint v301 release
hemil at net-square.com
Thu Dec 22 06:20:41 EST 2005
The latest version of httprint (v301), is available for download.
httprint is a web server fingerprinting tool. It relies on web server
characteristics to accurately identify web servers, despite the fact
that they may have been obfuscated by changing the server banner
strings, or by plug-ins such as mod_security or servermask.
httprint can also be used to detect web enabled devices which do not
have a server banner string, such as wireless access points, routers,
switches, cable modems, etc. httprint uses text signature strings and
it is very easy to add signatures to the signature database. The
current version of httprint can import web servers from nmap network
scans, if they are saved in XML format. The current version provides
reports in HTML, CSV and XML format. Current version also provides
httprint is available as a command line tool on Win32, Linux, FreeBSD
and Mac OSX. A GUI version of httprint is also available for the Win32
The current build for httprint is 301. httprint was first released at
the Blackhat Briefings USA 2003 in Las Vegas.
More details on httprint can be found at:
(original MD5 checksums are mentioned on the httprint page itself)
- New multi-threaded engine.
- SSL information gathering.
- Automatic SSL port detection.
- Bug-fix: HTTP header server banner containing <script> tags used to
- Bug-fix: HTTP server banners greater than 1024 bytes caused CPU usage
to go up to 100%.
(Both bugs reported by Mariano Nunez Di Croce mnunez at cybsec.com)
- Automatic HTTP 301, 302 traversal.
- Works with FreeBSD 4.x and 5.x.
- Cleaned up build process and version release.
- Server matches are now chosen on confidence ratings instead of
- Reports can now be generated in XML format.
- FreeBSD version available.
- Ability to import web server IP addresses and ports from nmap's XML
output files, generated by the -oX option.
- Reports can now be generated in CSV format.
- First public release.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the websecurity