search
LinkedInGithub
githubEdit

os-fingerprinting

  • It is used to identify the target system’s operating system using active and passive fingerprinting techniques to support tailored exploitation and risk assessment.

General Way to Identify The OS

nmap -O target.com
nmap -O -Pn target.com
nmap -A target.com
xprobe2 -v target.com
nc target.com 21

Using ping Command TTL based OS Guessing

ping -c 1 target.com

  • Check the TTL value

    • ~64 -> Likely Linux/Unix

    • ~128 -> Likely Windows

    • ~225 -> Cisco/BSD

Using Hping3 Value TTL based

hping3 -S -p 80 target.com

  • Look at TTL

    • 64240 -> Linux

    • 8192 -> Windows

P0f (Passive OS Fingerprinting)

PreviousNmap Cheat SheetNextport-scanning

Last updated