p0f3-3.09b – passive OS fingerprinting tool


P0f is a tool that utilizes an array of sophisticated, purely passive
traffic fingerprinting mechanisms to identify the players behind any
incidental TCP/IP communications (often as little as a single normal SYN)
without interfering in any way. Version 3 is a complete rewrite of the
original codebase, incorporating a significant number of improvements to
network-level fingerprinting, and introducing the ability to reason about
application-level payloads (e.g., HTTP).

The tool can be operated in the foreground or as a daemon, and offers a
simple real-time API (via unix domain sockets) for third-party components
that wish to obtain additional information about the actors they are
talking to.

WWW: http://lcamtuf.coredump.cx/p0f.shtml

net security

Library dependencies


Build dependencies

Run dependencies