GitHub - MOL0ToK/sp0ky at v0.1.0

MOL0ToK/sp0ky


This tool analyzes the first stage of the TCP handshake (SYN) and recognizes the client's operating system.

Build

To build sp0ky, you need to install Rust.

git clone https://github.com/MOL0ToK/sp0ky.git
cd sp0ky
cargo build --release

./target/release/sp0ky

Run

sudo sp0ky -i <interface>

Run in docker

To access the host's network interfaces, run the Docker container in host network mode:

docker run --net=host -e SP0KY_INTERFACE=<interface> mol0tok/sp0ky:latest

API usage

To get connection information, you can use the API on port 7564.

Request:

curl http://localhost:7564/111.111.111.111:53155

Response with result:

{"os":"Windows","signature":"4:116+12:0:1360:64240:8:mss,nop,ws,nop,nop,sok:10:000000010"}

Or without:

{}

Fingerprint (signature)

In addition to operating system information, this tool generates a fingerprint that you can use for additional processing.

Fingerprint format: IP_VERSION:TTL+HOPS:IP_OPTIONS_LENGTH:MSS:TCP_WINDOW_SIZE:TCP_WINDOW_SCALE:TCP_OPTIONS:IP_FLAGS:TCP_FLAGS

Example: 4:116+12:0:1360:64240:8:mss,nop,ws,nop,nop,sok:10:000000010
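One way to consume this fingerprint in downstream processing, as an added example that is not part of sp0ky itself: it parses the nine fields and builds a key that stays the same when the client's path length changes. The names `Fingerprint`, `parse_fingerprint`, `initial_ttl` and `stable_key` are hypothetical, and the code assumes that TTL plus HOPS gives the sender's initial TTL and that numeric fields are decimal, as in the README's example.

```rust
// Added example, not sp0ky's code. Assumes numeric fields are decimal, as in the README example.
struct Fingerprint {
    ip_version: u8,
    ttl: u8,  // TTL observed on the SYN
    hops: u8, // estimated distance to the client
    ip_options_length: u8,
    mss: u16,
    window_size: u16,
    window_scale: u8,
    tcp_options: Vec<String>,
    ip_flags: String,  // kept as raw text, not interpreted
    tcp_flags: String, // kept as raw text, not interpreted
}

fn num<T: std::str::FromStr>(name: &str, v: &str) -> Result<T, String> {
    v.parse().map_err(|_| format!("bad {}: {:?}", name, v))
}

fn parse_fingerprint(sig: &str) -> Result<Fingerprint, String> {
    let f: Vec<&str> = sig.trim().split(':').collect();
    if f.len() != 9 { return Err(format!("expected 9 fields, got {}", f.len())); }
    let (ttl, hops) = f[1].split_once('+').ok_or("TTL field is not TTL+HOPS")?;
    Ok(Fingerprint {
        ip_version: num("IP_VERSION", f[0])?,
        ttl: num("TTL", ttl)?,
        hops: num("HOPS", hops)?,
        ip_options_length: num("IP_OPTIONS_LENGTH", f[2])?,
        mss: num("MSS", f[3])?,
        window_size: num("TCP_WINDOW_SIZE", f[4])?,
        window_scale: num("TCP_WINDOW_SCALE", f[5])?,
        tcp_options: f[6].split(',').filter(|o| !o.is_empty()).map(String::from).collect(),
        ip_flags: f[7].to_string(),
        tcp_flags: f[8].to_string(),
    })
}

impl Fingerprint {
    // Assumption: observed TTL + hops = sender's initial TTL; the key uses it so path length drops out.
    fn initial_ttl(&self) -> u16 { self.ttl as u16 + self.hops as u16 }
    fn stable_key(&self) -> String {
        format!("{}:{}:{}:{}:{}:{}:{}:{}:{}", self.ip_version, self.initial_ttl(),
            self.ip_options_length, self.mss, self.window_size, self.window_scale,
            self.tcp_options.join(","), self.ip_flags, self.tcp_flags)
    }
}

fn main() {
    let readme_example = "4:116+12:0:1360:64240:8:mss,nop,ws,nop,nop,sok:10:000000010";
    println!("{:?}", parse_fingerprint(readme_example).map(|fp| fp.stable_key()));
}
```

The empty `{}` API response and any string without nine colon-separated fields are returned as errors rather than partially parsed.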

Similar tools

TODO

  • Operating system recognition
  • Network adapter recognition by MTU

About

Passive TCP/IP fingerprinting tool
