Passive TCP/IP fingerprinting tool

Overview

This tool analyzes the first stage of the TCP handshake (SYN) and recognizes the client's operating system.

Build

To build sp0ky, you need to install Rust

git clone https://github.com/MOL0ToK/sp0ky.git
cd sp0ky
cargo build --release

./target/release/sp0ky

Run

sudo sp0ky -i <interface>

Run in docker

To access the host's network interfaces, run the Docker container in host network mode:

docker run --net=host -e SP0KY_INTERFACE=<interface> mol0tok/sp0ky:latest

API usage

To get connection information, you can use the API on port 7564.

Request:

curl http://localhost:7564/111.111.111.111:53155

Response with result:

{"os":"Windows","signature":"4:116+12:0:1360:64240:8:mss,nop,ws,nop,nop,sok:10:000000010"}

Or without:

{}

Fingerprint (signature)

In addition to operating system information, this tool generates a fingerprint that you can use for additional processing.

Fingerprint format: IP_VERSION:TTL+HOPS:IP_OPTIONS_LENGTH:MSS:TCP_WINDOW_SIZE:TCP_WINDOW_SCALE:TCP_OPTIONS:IP_FLAGS:TCP_FLAGS

Example: 4:116+12:0:1360:64240:8:mss,nop,ws,nop,nop,sok:10:000000010
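
Added example, not part of sp0ky's own code: a Rust parser that splits a signature in the format above into typed fields and rejects malformed input, so the fields can be used for further processing. The Signature struct and function names are hypothetical; the parser assumes numeric fields are decimal integers as in the example, and that TTL plus HOPS gives the sender's initial TTL.

```rust
#[derive(Debug, PartialEq)]
pub struct Signature {
    pub ip_version: u8,
    pub ttl: u8,
    pub hops: u8,
    pub ip_options_length: u8,
    pub mss: u16,
    pub window_size: u16,
    pub window_scale: u8,
    pub tcp_options: Vec<String>,
    pub ip_flags: String,
    pub tcp_flags: String,
}

impl Signature {
    // Assumption: observed TTL + estimated hops = sender's initial TTL.
    pub fn initial_ttl(&self) -> u16 {
        u16::from(self.ttl) + u16::from(self.hops)
    }
}

// Parse one decimal field, naming it in the error message.
fn num<T: std::str::FromStr>(field: &str, name: &str) -> Result<T, String> {
    field.parse().map_err(|_| format!("bad {}: {:?}", name, field))
}

pub fn parse_signature(s: &str) -> Result<Signature, String> {
    let f: Vec<&str> = s.trim().split(':').collect();
    if f.len() != 9 {
        return Err(format!("expected 9 fields, got {}", f.len()));
    }
    let (ttl, hops) = f[1].split_once('+').ok_or("TTL field must be TTL+HOPS")?;
    Ok(Signature {
        ip_version: num(f[0], "IP_VERSION")?,
        ttl: num(ttl, "TTL")?,
        hops: num(hops, "HOPS")?,
        ip_options_length: num(f[2], "IP_OPTIONS_LENGTH")?,
        mss: num(f[3], "MSS")?,
        window_size: num(f[4], "TCP_WINDOW_SIZE")?,
        window_scale: num(f[5], "TCP_WINDOW_SCALE")?,
        tcp_options: f[6].split(',').filter(|o| !o.is_empty()).map(String::from).collect(),
        ip_flags: f[7].to_string(),
        tcp_flags: f[8].to_string(),
    })
}

fn main() {
    let sig = parse_signature("4:116+12:0:1360:64240:8:mss,nop,ws,nop,nop,sok:10:000000010").unwrap();
    println!("{:?} initial_ttl={}", sig, sig.initial_ttl());
}
```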

Similar tools

TODO

  • Operating system recognition
  • Network adapter recognition by MTU
Releases(v0.1.0)
  • v0.1.0(Oct 13, 2021)

    What's Changed

    • feat: Operating system recognition by @MOL0ToK in https://github.com/MOL0ToK/sp0ky/pull/1
    • feat: Github actions by @MOL0ToK in https://github.com/MOL0ToK/sp0ky/pull/2

    New Contributors

    • @MOL0ToK made their first contribution in https://github.com/MOL0ToK/sp0ky/pull/1

    Full Changelog: https://github.com/MOL0ToK/sp0ky/commits/v0.1.0

Owner
Ivan Tyunin