p0f is a tool that uses an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way.
Common uses for p0f include reconnaissance during penetration tests, routine network monitoring, detection of unauthorized network interconnects in corporate environments, providing signals for abuse-prevention tools, and miscellaneous forensics.
Version 3 is a complete rewrite of the original codebase, incorporating a significant number of improvements to network-level fingerprinting, and introducing the ability to reason about application-level payloads (e.g., HTTP).
This is free and open source software.
Key Features
- Highly scalable and extremely fast identification of the operating system and software on both endpoints of a vanilla TCP connection – especially in settings where Nmap probes are blocked, too slow, unreliable, or would simply set off alarms.
- Measurement of system uptime and network hookup, distance (including topology behind NAT or packet filters), user language preferences, and so on.
- Automated detection of connection sharing / NAT, load balancing, and application-level proxying setups.
- Detection of clients and servers that forge declarative statements such as X-Mailer or User-Agent.
Website: lcamtuf.coredump.cx/p0f3
Developer: Michal Zalewski
License: GNU Lesser General Public License
p0f is written in C.
Related Software
| Passive OS fingerprinting tool | Description |
|---|---|
| PacketFence | Network access control solution with passive DHCP fingerprinting |
| Ettercap | Comprehensive suite for man in the middle attacks |
| PRADS | Passive Real-time Asset Detection System |
| p0f | Array of passive traffic fingerprinting mechanisms that are highly scalable |
| satori | Python rewrite of passive OS fingerprinting tool |

