Capture packet request/response pairs for a port and/or IP to aid in Network protocol based Nuclei Templates creation.

Overview

network-fingerprint

License Go Report Card contributions welcome Follow on Twitter Chat on Discord

Capture packet request/response pairs for a port and/or IP to aid in Network protocol based Nuclei Templates creation.

Resources

Usage

▶ network-fingerprint -h

This will display help for the tool. Here are all the switches it supports.

Flag Description Example
iface Interface to perform capture on (default "lo0") network-fingerprint -iface eth0
ip IP to filter packets for network-fingerprint -ip 127.0.0.1
port Port to capture packets on network-fingerprint -port 27017

Installation Instructions

network-fingerprint requires go1.15+ to install successfully and have libpcap-dev installed on the system.

To install libpcap-dev:-

▶ apt install -y libpcap-dev
▶ GO111MODULE=on go get -v github.com/projectdiscovery/network-fingerprint

Running network-fingerprint

To run the tool on a target to capture traffic on a port, just use the following command.

▶ network-fingerprint -port <port>

where is the port you want to capture traffic for.

To also filter by IP while running on more common ports like 80, where there is a lot of noise, you can use the ip flag.

▶ network-fingerprint -port <port> -ip <destination-ip> 

Here is a detailed blog showcasing the uses of network-fingerprint - https://blog.projectdiscovery.io/writing-network-templates-with-nuclei/

Output Format

[email protected]# network-fingerprint -port 27017 -ip 127.0.0.1
2021/04/08 23:15:07 network-fingerprint: nuclei-helper by @pdiscoveryio
2021/04/08 23:15:07 [device] en0 IP: 192.168.1.9
2021/04/08 23:15:07 [device] bridge100 IP: 192.168.64.1
2021/04/08 23:15:07 [device] lo0 IP: 127.0.0.1
{
  "data": "\ufffd",
  "hex": "dd",
  "request": true
}
{
  "data": "?\u0001",
  "hex": "3f01",
  "response": true
}

Requests (Client to Destination) messages have request: true while responses (Destination To Client) have response: true set to help in easily identifying correct fingerprints.

Releases(v0.0.1)
Owner
ProjectDiscovery
Security Through Intelligent Automation
ProjectDiscovery
Capdns is a network capture utility designed specifically for DNS traffic. This utility is based on tcpdump.

Capdns is a network capture utility designed specifically for DNS traffic. This utility is based on tcpdump. Some of its features include: Unde

Infvie Envoy 10 Feb 26, 2022
Tapestry is an underlying distributed object location and retrieval system (DOLR) which can be used to store and locate objects. This distributed system provides an interface for storing and retrieving key-value pairs.

Tapestry This project implements Tapestry, an underlying distributed object location and retrieval system (DOLR) which can be used to store and locate

Han Cai 1 Mar 16, 2022
Allows you to programatically modify key:value sysctl pairs on MacOS

go-sysctl-mac Allows you to programatically modify key:value sysctl pairs on MacOS. Tested & confirmd to work on MacOS Big Sur & newer releases. Examp

Carter Peel 0 Dec 4, 2021
Header Block is a middleware plugin for Traefik to block request and response headers which regex matched by their name and/or value

Header Block is a middleware plugin for Traefik to block request and response headers which regex matched by their name and/or value Conf

null 3 May 24, 2022
This small service will pong the headers provided in the request as json response

This small service will pong the headers provided in the request as json response server will run on port 5000 content will be served at path /request

null 1 Dec 9, 2021
Go package to simulate bandwidth, latency and packet loss for net.PacketConn and net.Conn interfaces

lossy Go package to simulate bandwidth, latency and packet loss for net.PacketConn and net.Conn interfaces. Its main usage is to test robustness of ap

Cevat Barış Yılmaz 307 Jun 4, 2022
DNS Ping: to check packet loss and latency issues with DNS servers

DNSping DNS Ping checks packet loss and latency issues with DNS servers Installation If you have golang, easiest install is go get -u fortio.org/dnspi

Fortio (Φορτίο) 55 May 30, 2022
Prometheus exporter for ping metrics such as RTT, packet loss, and jitter to any number of hosts.

ping_exporter Command ping_exporter provides a Prometheus exporter for ping metrics such as RTT, packet loss, and jitter to any number of hosts. Usage

Beard Slayer 5 Jan 28, 2022
Provides packet processing capabilities for Go

GoPacket This library provides packet decoding capabilities for Go. See godoc for more details. Minimum Go version required is 1.5 except for pcapgo/E

Google 4.9k Jun 27, 2022
Packet Sniffer in golang

WirePenguin ?? A CLI Packet Sniffer in golang using Cobra and Gopacket packages much much simpler than WireShark =) You can capture packets both live

Mohammad ebrahim Adibzadeh 28 Jun 7, 2022
Tiny packet forwarder for golang

Tiny Packet Forwarder Usually, I use iptables on Linux to do forward. i encounter some problems sometime, for example: RDP disconnect immediately afte

null 6 May 31, 2022
Netkit - A type parameter(generics) net kit, support tcp kcp, customize packet

Netkit Netkit is a type parameter(generics) golang package Get Started Need Go i

null 1 Jan 12, 2022
Zero Trust Network Communication Sentinel provides peer-to-peer, multi-protocol, automatic networking, cross-CDN and other features for network communication.

Thank you for your interest in ZASentinel ZASentinel helps organizations improve information security by providing a better and simpler way to protect

ZTALAB 5 May 25, 2022
dumpr! is a tool to capture text based tcp traffic from the receivers point of view.

dumpr! dumpr! is a tool to capture text based tcp traffic. The project came about for the need to capture a web request from the back end. It was also

null 2 Dec 4, 2021
Request: a HTTP request library for Go with interfaces and mocks for unit tests

Requester Request is a HTTP request library for Go with interfaces and mocks for

Doğukan Aydoğdu 1 Jan 10, 2022
Microservice on IPv4: 3000 port without database. Upon request, returns the source JSON in the desired format

?? Этапы V1.0 Микросервис на IPv4:3000 порту без базы данных. По запросу возвращ

Eugene Sviat 0 Dec 22, 2021
Port-proxy - Temporary expose port for remote connections

Port proxy util Temporary expose port for remote connections. E.g. database/wind

Vadym S 1 Jan 27, 2022
wire protocol for multiplexing connections or streams into a single connection, based on a subset of the SSH Connection Protocol

qmux qmux is a wire protocol for multiplexing connections or streams into a single connection. It is based on the SSH Connection Protocol, which is th

Jeff Lindsay 189 Jun 24, 2022