httprint
httprint is a web server fingerprinting tool that identifies web servers based on their characteristics, even if obfuscated by banner changes or plugins. It can also detect web-enabled devices without server banners, such as routers and access points.
Description
httprint is a web server fingerprinting tool designed to accurately identify web servers despite obfuscation techniques like changing server banner strings or using plugins such as mod_security or servermask. It relies on unique text signature strings from server responses, making it easy to extend the signature database for new servers or devices.
Use cases include reconnaissance during penetration testing to identify server types, detecting hidden web services on network devices like wireless access points, routers, switches, and cable modems. The tool supports input from hosts, files, or Nmap XML outputs, with flexible output formats for reporting.
It is particularly useful in scenarios where standard banner grabbing fails due to masking, providing deeper insights into the web infrastructure for further vulnerability assessment.
How It Works
httprint sends HTTP requests to target hosts and analyzes server responses using a database of text signature strings that match unique characteristics in headers, error pages, and other responses. These signatures allow identification even without standard server banners. It supports HTTP and HTTPS (with automatic SSL detection unless disabled), handles redirects optionally, and uses multithreading for efficiency across IP ranges or lists.
Installation
sudo apt install httprintFlags
Examples
httprint -h www1.example.com -s signatures.txthttprint -h https://www2.example.com/ -s signatures.txthttprint -h http://www3.example.com:8080/ -s signatures.txthttprint -h www1.example.com -s signatures.txt -noautosslhttprint -h 10.0.1.1-10.0.1.254 -s signatures.txt -o 10_0_1_x.htmlhttprint -x nmap.xml -s signatures.txt -oc report.csvhttprint -x nmap.xml -s signatures.txt -ox report.xmlhttprint -i input.txt -s signatures.txt -o output.html -th 16