Collaborate Disseminate
I am currently working on project that involves identifying spammers who are creating fake accounts on my site. I am interested to know what type of information I would be able to extract.
First of all, there is browser fing… Continue reading Extracting as much information from a browser request as possible?
What is the Battery Status API good for? Besides tracking you online that is. Continue reading Firefox kills the Battery Status ‘super cookie’
In the manners of Browser fingerprinting, is it possible to obtain a somewhat unique fingerprint for the device OS and hardware (a 1 out 1000 entropy score would be good enough for my needs)
Edit:
For more context, I am trying to differen… Continue reading Unique(ish) OS / hardware fingerprinting
As a follow-on to these questions:
What unique fingerprinting information can an iOS7 app collect?
What unique device fingerprinting information can an iOS8 app collect?
What unique device fingerprinting information can an iOS9 app coll… Continue reading What unique fingerprinting information can an iOS 10 app collect?
I am trying to follow the OWASP test guide on a Kali Linux machine. As the first step in “Information Gathering” I am trying to fingerprint the server. The guide instructs me to use NetCat:
$ nc www.xxx.yy 80
But after sev… Continue reading How to fingerprint a server with Netcat?
This post covers the information disclosure bugs in Internet Explorer and Edge that we sometimes refer to as ‘fingerprinting’. We review past flaws as well as a currently unpatched one used in the wild before exploring some long term mitigations.Catego… Continue reading Browser-based fingerprinting: implications and mitigations
The last high profile malvertising activity we had seen was on June 7th with a drive-by download incident on Yahoo that used Neutrino EK instead of Angler EK. This was rather unusual and was later confirmed as not just an anomaly, by the switch of expl… Continue reading Malvertising slowing down, but not out
Since the disappearance of Angler EK, exploit kit activity is at one of its lowest it has been in a long time. The focus is therefore on Neutrino EK, which has somewhat picked up the pieces, although at a much lower rate. In this post we look at a chan… Continue reading Neutrino EK: fingerprinting in a Flash
I am performing research on the security of control panel software for shared hosting providers, and I am interested to know if there is a way to identify the version of the control panel software that the server is using, fo… Continue reading Is there a way to guess a shared server’s control panel’s version?
I have searched online about this topic and the only information I got is that TCP SYN/ACK can be used to know the type of the target OS. If that is true, I don’t understand how this occurs? Does TCP handshaking lead to OS fi… Continue reading OS fingerprinting via TCP