fingerprint-mcp 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (269) hide show
  1. package/LICENSE +663 -0
  2. package/README.ar.md +767 -0
  3. package/README.bn.md +767 -0
  4. package/README.bs.md +767 -0
  5. package/README.da.md +767 -0
  6. package/README.de.md +770 -0
  7. package/README.el.md +767 -0
  8. package/README.es.md +769 -0
  9. package/README.fr.md +769 -0
  10. package/README.hi.md +767 -0
  11. package/README.it.md +767 -0
  12. package/README.ja.md +767 -0
  13. package/README.ko.md +772 -0
  14. package/README.md +767 -0
  15. package/README.no.md +767 -0
  16. package/README.pl.md +767 -0
  17. package/README.pt-BR.md +767 -0
  18. package/README.ru.md +767 -0
  19. package/README.th.md +767 -0
  20. package/README.tr.md +767 -0
  21. package/README.uk.md +767 -0
  22. package/README.vi.md +767 -0
  23. package/README.zh-TW.md +768 -0
  24. package/README.zh.md +768 -0
  25. package/dist/app/index.d.ts +3 -0
  26. package/dist/app/index.d.ts.map +1 -0
  27. package/dist/app/index.js +614 -0
  28. package/dist/app/index.js.map +1 -0
  29. package/dist/composite/analyze.d.ts +3 -0
  30. package/dist/composite/analyze.d.ts.map +1 -0
  31. package/dist/composite/analyze.js +59 -0
  32. package/dist/composite/analyze.js.map +1 -0
  33. package/dist/composite/correlate.d.ts +3 -0
  34. package/dist/composite/correlate.d.ts.map +1 -0
  35. package/dist/composite/correlate.js +184 -0
  36. package/dist/composite/correlate.js.map +1 -0
  37. package/dist/composite/enumerate.d.ts +3 -0
  38. package/dist/composite/enumerate.d.ts.map +1 -0
  39. package/dist/composite/enumerate.js +94 -0
  40. package/dist/composite/enumerate.js.map +1 -0
  41. package/dist/composite/helpers.d.ts +22 -0
  42. package/dist/composite/helpers.d.ts.map +1 -0
  43. package/dist/composite/helpers.js +111 -0
  44. package/dist/composite/helpers.js.map +1 -0
  45. package/dist/composite/index.d.ts +3 -0
  46. package/dist/composite/index.d.ts.map +1 -0
  47. package/dist/composite/index.js +29 -0
  48. package/dist/composite/index.js.map +1 -0
  49. package/dist/composite/meta.d.ts +3 -0
  50. package/dist/composite/meta.d.ts.map +1 -0
  51. package/dist/composite/meta.js +23 -0
  52. package/dist/composite/meta.js.map +1 -0
  53. package/dist/composite/osint.d.ts +3 -0
  54. package/dist/composite/osint.d.ts.map +1 -0
  55. package/dist/composite/osint.js +40 -0
  56. package/dist/composite/osint.js.map +1 -0
  57. package/dist/composite/recon.d.ts +3 -0
  58. package/dist/composite/recon.d.ts.map +1 -0
  59. package/dist/composite/recon.js +131 -0
  60. package/dist/composite/recon.js.map +1 -0
  61. package/dist/composite/scan-dns.d.ts +3 -0
  62. package/dist/composite/scan-dns.d.ts.map +1 -0
  63. package/dist/composite/scan-dns.js +44 -0
  64. package/dist/composite/scan-dns.js.map +1 -0
  65. package/dist/composite/scan-http.d.ts +3 -0
  66. package/dist/composite/scan-http.d.ts.map +1 -0
  67. package/dist/composite/scan-http.js +68 -0
  68. package/dist/composite/scan-http.js.map +1 -0
  69. package/dist/composite/scan-paths.d.ts +3 -0
  70. package/dist/composite/scan-paths.d.ts.map +1 -0
  71. package/dist/composite/scan-paths.js +32 -0
  72. package/dist/composite/scan-paths.js.map +1 -0
  73. package/dist/composite/scan-ports.d.ts +3 -0
  74. package/dist/composite/scan-ports.d.ts.map +1 -0
  75. package/dist/composite/scan-ports.js +79 -0
  76. package/dist/composite/scan-ports.js.map +1 -0
  77. package/dist/composite/scan-services.d.ts +3 -0
  78. package/dist/composite/scan-services.d.ts.map +1 -0
  79. package/dist/composite/scan-services.js +111 -0
  80. package/dist/composite/scan-services.js.map +1 -0
  81. package/dist/composite/scan-tls.d.ts +3 -0
  82. package/dist/composite/scan-tls.d.ts.map +1 -0
  83. package/dist/composite/scan-tls.js +32 -0
  84. package/dist/composite/scan-tls.js.map +1 -0
  85. package/dist/composite/scan-waf.d.ts +3 -0
  86. package/dist/composite/scan-waf.d.ts.map +1 -0
  87. package/dist/composite/scan-waf.js +35 -0
  88. package/dist/composite/scan-waf.js.map +1 -0
  89. package/dist/correlation/index.d.ts +3 -0
  90. package/dist/correlation/index.d.ts.map +1 -0
  91. package/dist/correlation/index.js +1044 -0
  92. package/dist/correlation/index.js.map +1 -0
  93. package/dist/data/analytics-patterns.d.ts +21 -0
  94. package/dist/data/analytics-patterns.d.ts.map +1 -0
  95. package/dist/data/analytics-patterns.js +449 -0
  96. package/dist/data/analytics-patterns.js.map +1 -0
  97. package/dist/data/app-signatures.d.ts +52 -0
  98. package/dist/data/app-signatures.d.ts.map +1 -0
  99. package/dist/data/app-signatures.js +1143 -0
  100. package/dist/data/app-signatures.js.map +1 -0
  101. package/dist/data/c2-signatures.d.ts +54 -0
  102. package/dist/data/c2-signatures.d.ts.map +1 -0
  103. package/dist/data/c2-signatures.js +256 -0
  104. package/dist/data/c2-signatures.js.map +1 -0
  105. package/dist/data/cloud-ranges.d.ts +34 -0
  106. package/dist/data/cloud-ranges.d.ts.map +1 -0
  107. package/dist/data/cloud-ranges.js +628 -0
  108. package/dist/data/cloud-ranges.js.map +1 -0
  109. package/dist/data/cookie-patterns.d.ts +28 -0
  110. package/dist/data/cookie-patterns.d.ts.map +1 -0
  111. package/dist/data/cookie-patterns.js +225 -0
  112. package/dist/data/cookie-patterns.js.map +1 -0
  113. package/dist/data/error-signatures.d.ts +19 -0
  114. package/dist/data/error-signatures.d.ts.map +1 -0
  115. package/dist/data/error-signatures.js +321 -0
  116. package/dist/data/error-signatures.js.map +1 -0
  117. package/dist/data/favicon-hashes.d.ts +25 -0
  118. package/dist/data/favicon-hashes.d.ts.map +1 -0
  119. package/dist/data/favicon-hashes.js +249 -0
  120. package/dist/data/favicon-hashes.js.map +1 -0
  121. package/dist/data/h2-signatures.d.ts +50 -0
  122. package/dist/data/h2-signatures.d.ts.map +1 -0
  123. package/dist/data/h2-signatures.js +211 -0
  124. package/dist/data/h2-signatures.js.map +1 -0
  125. package/dist/data/header-order.d.ts +38 -0
  126. package/dist/data/header-order.d.ts.map +1 -0
  127. package/dist/data/header-order.js +185 -0
  128. package/dist/data/header-order.js.map +1 -0
  129. package/dist/data/jarm-signatures.d.ts +25 -0
  130. package/dist/data/jarm-signatures.d.ts.map +1 -0
  131. package/dist/data/jarm-signatures.js +213 -0
  132. package/dist/data/jarm-signatures.js.map +1 -0
  133. package/dist/data/saas-patterns.d.ts +23 -0
  134. package/dist/data/saas-patterns.d.ts.map +1 -0
  135. package/dist/data/saas-patterns.js +139 -0
  136. package/dist/data/saas-patterns.js.map +1 -0
  137. package/dist/data/sensitive-paths.d.ts +12 -0
  138. package/dist/data/sensitive-paths.d.ts.map +1 -0
  139. package/dist/data/sensitive-paths.js +1539 -0
  140. package/dist/data/sensitive-paths.js.map +1 -0
  141. package/dist/data/service-banners.d.ts +59 -0
  142. package/dist/data/service-banners.d.ts.map +1 -0
  143. package/dist/data/service-banners.js +323 -0
  144. package/dist/data/service-banners.js.map +1 -0
  145. package/dist/data/smtp-signatures.d.ts +12 -0
  146. package/dist/data/smtp-signatures.d.ts.map +1 -0
  147. package/dist/data/smtp-signatures.js +350 -0
  148. package/dist/data/smtp-signatures.js.map +1 -0
  149. package/dist/data/takeover-patterns.d.ts +37 -0
  150. package/dist/data/takeover-patterns.d.ts.map +1 -0
  151. package/dist/data/takeover-patterns.js +249 -0
  152. package/dist/data/takeover-patterns.js.map +1 -0
  153. package/dist/data/tech-patterns.d.ts +44 -0
  154. package/dist/data/tech-patterns.d.ts.map +1 -0
  155. package/dist/data/tech-patterns.js +690 -0
  156. package/dist/data/tech-patterns.js.map +1 -0
  157. package/dist/data/waf-signatures.d.ts +21 -0
  158. package/dist/data/waf-signatures.d.ts.map +1 -0
  159. package/dist/data/waf-signatures.js +318 -0
  160. package/dist/data/waf-signatures.js.map +1 -0
  161. package/dist/dns/index.d.ts +3 -0
  162. package/dist/dns/index.d.ts.map +1 -0
  163. package/dist/dns/index.js +1067 -0
  164. package/dist/dns/index.js.map +1 -0
  165. package/dist/enum/index.d.ts +3 -0
  166. package/dist/enum/index.d.ts.map +1 -0
  167. package/dist/enum/index.js +818 -0
  168. package/dist/enum/index.js.map +1 -0
  169. package/dist/h2/index.d.ts +3 -0
  170. package/dist/h2/index.d.ts.map +1 -0
  171. package/dist/h2/index.js +414 -0
  172. package/dist/h2/index.js.map +1 -0
  173. package/dist/http/index.d.ts +3 -0
  174. package/dist/http/index.d.ts.map +1 -0
  175. package/dist/http/index.js +2444 -0
  176. package/dist/http/index.js.map +1 -0
  177. package/dist/identify/index.d.ts +3 -0
  178. package/dist/identify/index.d.ts.map +1 -0
  179. package/dist/identify/index.js +447 -0
  180. package/dist/identify/index.js.map +1 -0
  181. package/dist/index.d.ts +3 -0
  182. package/dist/index.d.ts.map +1 -0
  183. package/dist/index.js +165 -0
  184. package/dist/index.js.map +1 -0
  185. package/dist/infra/index.d.ts +3 -0
  186. package/dist/infra/index.d.ts.map +1 -0
  187. package/dist/infra/index.js +989 -0
  188. package/dist/infra/index.js.map +1 -0
  189. package/dist/iot/index.d.ts +3 -0
  190. package/dist/iot/index.d.ts.map +1 -0
  191. package/dist/iot/index.js +610 -0
  192. package/dist/iot/index.js.map +1 -0
  193. package/dist/meta/index.d.ts +3 -0
  194. package/dist/meta/index.d.ts.map +1 -0
  195. package/dist/meta/index.js +442 -0
  196. package/dist/meta/index.js.map +1 -0
  197. package/dist/osint/index.d.ts +3 -0
  198. package/dist/osint/index.d.ts.map +1 -0
  199. package/dist/osint/index.js +687 -0
  200. package/dist/osint/index.js.map +1 -0
  201. package/dist/passive/index.d.ts +3 -0
  202. package/dist/passive/index.d.ts.map +1 -0
  203. package/dist/passive/index.js +944 -0
  204. package/dist/passive/index.js.map +1 -0
  205. package/dist/path/index.d.ts +3 -0
  206. package/dist/path/index.d.ts.map +1 -0
  207. package/dist/path/index.js +878 -0
  208. package/dist/path/index.js.map +1 -0
  209. package/dist/protocol/mcp-server.d.ts +4 -0
  210. package/dist/protocol/mcp-server.d.ts.map +1 -0
  211. package/dist/protocol/mcp-server.js +32 -0
  212. package/dist/protocol/mcp-server.js.map +1 -0
  213. package/dist/protocol/tools.d.ts +3 -0
  214. package/dist/protocol/tools.d.ts.map +1 -0
  215. package/dist/protocol/tools.js +5 -0
  216. package/dist/protocol/tools.js.map +1 -0
  217. package/dist/service/index.d.ts +3 -0
  218. package/dist/service/index.d.ts.map +1 -0
  219. package/dist/service/index.js +1053 -0
  220. package/dist/service/index.js.map +1 -0
  221. package/dist/smtp/index.d.ts +3 -0
  222. package/dist/smtp/index.d.ts.map +1 -0
  223. package/dist/smtp/index.js +437 -0
  224. package/dist/smtp/index.js.map +1 -0
  225. package/dist/ssh/index.d.ts +3 -0
  226. package/dist/ssh/index.d.ts.map +1 -0
  227. package/dist/ssh/index.js +676 -0
  228. package/dist/ssh/index.js.map +1 -0
  229. package/dist/tcp/index.d.ts +3 -0
  230. package/dist/tcp/index.d.ts.map +1 -0
  231. package/dist/tcp/index.js +369 -0
  232. package/dist/tcp/index.js.map +1 -0
  233. package/dist/timing/index.d.ts +3 -0
  234. package/dist/timing/index.d.ts.map +1 -0
  235. package/dist/timing/index.js +425 -0
  236. package/dist/timing/index.js.map +1 -0
  237. package/dist/tls/index.d.ts +3 -0
  238. package/dist/tls/index.d.ts.map +1 -0
  239. package/dist/tls/index.js +1332 -0
  240. package/dist/tls/index.js.map +1 -0
  241. package/dist/types/index.d.ts +26 -0
  242. package/dist/types/index.d.ts.map +1 -0
  243. package/dist/types/index.js +8 -0
  244. package/dist/types/index.js.map +1 -0
  245. package/dist/utils/cache.d.ts +11 -0
  246. package/dist/utils/cache.d.ts.map +1 -0
  247. package/dist/utils/cache.js +35 -0
  248. package/dist/utils/cache.js.map +1 -0
  249. package/dist/utils/murmurhash3.d.ts +3 -0
  250. package/dist/utils/murmurhash3.d.ts.map +1 -0
  251. package/dist/utils/murmurhash3.js +57 -0
  252. package/dist/utils/murmurhash3.js.map +1 -0
  253. package/dist/utils/rate-limiter.d.ts +10 -0
  254. package/dist/utils/rate-limiter.d.ts.map +1 -0
  255. package/dist/utils/rate-limiter.js +35 -0
  256. package/dist/utils/rate-limiter.js.map +1 -0
  257. package/dist/utils/require-key.d.ts +2 -0
  258. package/dist/utils/require-key.d.ts.map +1 -0
  259. package/dist/utils/require-key.js +8 -0
  260. package/dist/utils/require-key.js.map +1 -0
  261. package/dist/waf/index.d.ts +3 -0
  262. package/dist/waf/index.d.ts.map +1 -0
  263. package/dist/waf/index.js +767 -0
  264. package/dist/waf/index.js.map +1 -0
  265. package/dist/web/index.d.ts +3 -0
  266. package/dist/web/index.d.ts.map +1 -0
  267. package/dist/web/index.js +1366 -0
  268. package/dist/web/index.js.map +1 -0
  269. package/package.json +66 -0
@@ -0,0 +1 @@
1
+ {"version":3,"file":"cookie-patterns.d.ts","sourceRoot":"","sources":["../../src/data/cookie-patterns.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,oCAAoC;AACpC,MAAM,WAAW,aAAa;IAC5B,8DAA8D;IAC9D,OAAO,EAAE,MAAM,CAAC;IAChB,sDAAsD;IACtD,IAAI,EAAE,MAAM,CAAC;IACb,8BAA8B;IAC9B,QAAQ,EAAE,SAAS,GAAG,gBAAgB,GAAG,UAAU,GAAG,WAAW,CAAC;IAClE,gDAAgD;IAChD,UAAU,EAAE,MAAM,CAAC;IACnB,mFAAmF;IACnF,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,eAAO,MAAM,eAAe,EAAE,aAAa,EAyN1C,CAAC"}
@@ -0,0 +1,225 @@
1
+ /**
2
+ * HTTP cookie patterns for technology and infrastructure identification.
3
+ *
4
+ * Web servers, frameworks, load balancers, CDNs, and WAFs set distinctive cookies
5
+ * that reveal the underlying technology stack. Some infrastructure cookies (F5 BIG-IP,
6
+ * Citrix NetScaler) encode backend server addresses that can be decoded to discover
7
+ * internal network topology.
8
+ *
9
+ * References:
10
+ * - https://github.com/AliasIO/wappalyzer
11
+ * - https://support.f5.com/csp/article/K6917 (BIG-IP cookie persistence)
12
+ * - https://support.citrix.com/article/CTX206793 (NetScaler persistence)
13
+ */
14
+ export const COOKIE_PATTERNS = [
15
+ // ──────────────────────────────────────────────────
16
+ // Session / Framework Identification
17
+ // ──────────────────────────────────────────────────
18
+ {
19
+ pattern: "^PHPSESSID$",
20
+ name: "PHP Session",
21
+ category: "session",
22
+ technology: "PHP",
23
+ },
24
+ {
25
+ pattern: "^JSESSIONID$",
26
+ name: "Java Servlet Session",
27
+ category: "session",
28
+ technology: "Java (Servlet/JSP)",
29
+ },
30
+ {
31
+ pattern: "^ASP\\.NET_SessionId$",
32
+ name: "ASP.NET Session",
33
+ category: "session",
34
+ technology: "ASP.NET",
35
+ },
36
+ {
37
+ pattern: "^connect\\.sid$",
38
+ name: "Express.js Session",
39
+ category: "session",
40
+ technology: "Express.js (Node.js)",
41
+ },
42
+ {
43
+ pattern: "^laravel_session$",
44
+ name: "Laravel Session",
45
+ category: "session",
46
+ technology: "Laravel (PHP)",
47
+ },
48
+ {
49
+ pattern: "^rack\\.session$",
50
+ name: "Rack Session (Ruby)",
51
+ category: "session",
52
+ technology: "Ruby on Rails / Sinatra",
53
+ },
54
+ {
55
+ pattern: "^_session_id$",
56
+ name: "Rails Session",
57
+ category: "session",
58
+ technology: "Ruby on Rails",
59
+ },
60
+ {
61
+ pattern: "^wordpress_test_cookie$",
62
+ name: "WordPress Test Cookie",
63
+ category: "session",
64
+ technology: "WordPress",
65
+ },
66
+ {
67
+ pattern: "^wordpress_logged_in_",
68
+ name: "WordPress Auth Cookie",
69
+ category: "session",
70
+ technology: "WordPress",
71
+ },
72
+ {
73
+ pattern: "^wp-settings-",
74
+ name: "WordPress Settings Cookie",
75
+ category: "session",
76
+ technology: "WordPress",
77
+ },
78
+ {
79
+ pattern: "^SESS[0-9a-f]{32}$",
80
+ name: "Drupal Session",
81
+ category: "session",
82
+ technology: "Drupal",
83
+ },
84
+ {
85
+ pattern: "^SSESS[0-9a-f]{32}$",
86
+ name: "Drupal Secure Session",
87
+ category: "session",
88
+ technology: "Drupal (HTTPS)",
89
+ },
90
+ {
91
+ pattern: "^ci_session$",
92
+ name: "CodeIgniter Session",
93
+ category: "session",
94
+ technology: "CodeIgniter (PHP)",
95
+ },
96
+ {
97
+ pattern: "^csrftoken$",
98
+ name: "Django CSRF Token",
99
+ category: "session",
100
+ technology: "Django (Python)",
101
+ },
102
+ {
103
+ pattern: "^sessionid$",
104
+ name: "Django Session",
105
+ category: "session",
106
+ technology: "Django (Python)",
107
+ },
108
+ {
109
+ pattern: "^_gorilla_csrf$",
110
+ name: "Gorilla CSRF Token",
111
+ category: "session",
112
+ technology: "Go (Gorilla toolkit)",
113
+ },
114
+ // ──────────────────────────────────────────────────
115
+ // Infrastructure / Load Balancer
116
+ // ──────────────────────────────────────────────────
117
+ {
118
+ pattern: "^BIGipServer",
119
+ name: "F5 BIG-IP Persistence Cookie",
120
+ category: "infrastructure",
121
+ technology: "F5 BIG-IP",
122
+ decode: "Decimal cookie value encodes backend IP:port. Split value by '.': " +
123
+ "first part is encoded IP (convert to hex, reverse byte pairs, convert each pair to decimal octets), " +
124
+ "second part is encoded port (convert to hex, reverse byte pair, convert to decimal). " +
125
+ "Example: 1677787402.36895.0000 -> IP 10.1.1.100, port 8080.",
126
+ },
127
+ {
128
+ pattern: "^NSC_",
129
+ name: "Citrix NetScaler Persistence Cookie",
130
+ category: "infrastructure",
131
+ technology: "Citrix NetScaler / ADC",
132
+ decode: "Cookie name suffix after 'NSC_' is the vserver name with character substitution " +
133
+ "(a-z mapped by XOR/Caesar). Cookie value is hex-encoded: first 8 hex chars = " +
134
+ "XOR-decoded VIP address, next 4 hex chars = XOR-decoded port. XOR key is 0x03.",
135
+ },
136
+ {
137
+ pattern: "^ROUTEID$",
138
+ name: "HAProxy Route Persistence",
139
+ category: "infrastructure",
140
+ technology: "HAProxy",
141
+ decode: "Value is the backend server identifier from HAProxy configuration (server directive name). " +
142
+ "Reveals internal node naming conventions.",
143
+ },
144
+ {
145
+ pattern: "^SERVERID$",
146
+ name: "HAProxy Server ID",
147
+ category: "infrastructure",
148
+ technology: "HAProxy",
149
+ decode: "Value is the backend server name or address assigned in HAProxy config.",
150
+ },
151
+ {
152
+ pattern: "^AWSALB$",
153
+ name: "AWS Application Load Balancer",
154
+ category: "infrastructure",
155
+ technology: "AWS ALB",
156
+ decode: "Base64-encoded value contains ALB identifier and target group routing info. " +
157
+ "Decoding reveals the ALB internal name and availability zone.",
158
+ },
159
+ {
160
+ pattern: "^AWSALBCORS$",
161
+ name: "AWS ALB CORS Cookie",
162
+ category: "infrastructure",
163
+ technology: "AWS ALB",
164
+ },
165
+ {
166
+ pattern: "^GCLB$",
167
+ name: "Google Cloud Load Balancer",
168
+ category: "infrastructure",
169
+ technology: "Google Cloud Platform",
170
+ decode: "Base64-encoded value identifies the backend service instance.",
171
+ },
172
+ // ──────────────────────────────────────────────────
173
+ // Security / CDN / WAF
174
+ // ──────────────────────────────────────────────────
175
+ {
176
+ pattern: "^__cfduid$",
177
+ name: "Cloudflare Device ID (deprecated)",
178
+ category: "security",
179
+ technology: "Cloudflare",
180
+ },
181
+ {
182
+ pattern: "^__cf_bm$",
183
+ name: "Cloudflare Bot Management",
184
+ category: "security",
185
+ technology: "Cloudflare",
186
+ },
187
+ {
188
+ pattern: "^_cfuvid$",
189
+ name: "Cloudflare Unique Visitor ID",
190
+ category: "security",
191
+ technology: "Cloudflare",
192
+ },
193
+ {
194
+ pattern: "^cf_clearance$",
195
+ name: "Cloudflare Challenge Clearance",
196
+ category: "security",
197
+ technology: "Cloudflare",
198
+ },
199
+ {
200
+ pattern: "^incap_ses_",
201
+ name: "Imperva Incapsula Session",
202
+ category: "security",
203
+ technology: "Imperva / Incapsula WAF",
204
+ decode: "Cookie name suffix contains session and site identifiers. Value is an encrypted session token.",
205
+ },
206
+ {
207
+ pattern: "^visid_incap_",
208
+ name: "Imperva Incapsula Visitor ID",
209
+ category: "security",
210
+ technology: "Imperva / Incapsula WAF",
211
+ },
212
+ {
213
+ pattern: "^__hssc$",
214
+ name: "HubSpot Session Cookie",
215
+ category: "analytics",
216
+ technology: "HubSpot",
217
+ },
218
+ {
219
+ pattern: "^__hstc$",
220
+ name: "HubSpot Tracking Cookie",
221
+ category: "analytics",
222
+ technology: "HubSpot",
223
+ },
224
+ ];
225
+ //# sourceMappingURL=cookie-patterns.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"cookie-patterns.js","sourceRoot":"","sources":["../../src/data/cookie-patterns.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAgBH,MAAM,CAAC,MAAM,eAAe,GAAoB;IAC9C,qDAAqD;IACrD,qCAAqC;IACrC,qDAAqD;IACrD;QACE,OAAO,EAAE,aAAa;QACtB,IAAI,EAAE,aAAa;QACnB,QAAQ,EAAE,SAAS;QACnB,UAAU,EAAE,KAAK;KAClB;IACD;QACE,OAAO,EAAE,cAAc;QACvB,IAAI,EAAE,sBAAsB;QAC5B,QAAQ,EAAE,SAAS;QACnB,UAAU,EAAE,oBAAoB;KACjC;IACD;QACE,OAAO,EAAE,uBAAuB;QAChC,IAAI,EAAE,iBAAiB;QACvB,QAAQ,EAAE,SAAS;QACnB,UAAU,EAAE,SAAS;KACtB;IACD;QACE,OAAO,EAAE,iBAAiB;QAC1B,IAAI,EAAE,oBAAoB;QAC1B,QAAQ,EAAE,SAAS;QACnB,UAAU,EAAE,sBAAsB;KACnC;IACD;QACE,OAAO,EAAE,mBAAmB;QAC5B,IAAI,EAAE,iBAAiB;QACvB,QAAQ,EAAE,SAAS;QACnB,UAAU,EAAE,eAAe;KAC5B;IACD;QACE,OAAO,EAAE,kBAAkB;QAC3B,IAAI,EAAE,qBAAqB;QAC3B,QAAQ,EAAE,SAAS;QACnB,UAAU,EAAE,yBAAyB;KACtC;IACD;QACE,OAAO,EAAE,eAAe;QACxB,IAAI,EAAE,eAAe;QACrB,QAAQ,EAAE,SAAS;QACnB,UAAU,EAAE,eAAe;KAC5B;IACD;QACE,OAAO,EAAE,yBAAyB;QAClC,IAAI,EAAE,uBAAuB;QAC7B,QAAQ,EAAE,SAAS;QACnB,UAAU,EAAE,WAAW;KACxB;IACD;QACE,OAAO,EAAE,uBAAuB;QAChC,IAAI,EAAE,uBAAuB;QAC7B,QAAQ,EAAE,SAAS;QACnB,UAAU,EAAE,WAAW;KACxB;IACD;QACE,OAAO,EAAE,eAAe;QACxB,IAAI,EAAE,2BAA2B;QACjC,QAAQ,EAAE,SAAS;QACnB,UAAU,EAAE,WAAW;KACxB;IACD;QACE,OAAO,EAAE,oBAAoB;QAC7B,IAAI,EAAE,gBAAgB;QACtB,QAAQ,EAAE,SAAS;QACnB,UAAU,EAAE,QAAQ;KACrB;IACD;QACE,OAAO,EAAE,qBAAqB;QAC9B,IAAI,EAAE,uBAAuB;QAC7B,QAAQ,EAAE,SAAS;QACnB,UAAU,EAAE,gBAAgB;KAC7B;IACD;QACE,OAAO,EAAE,cAAc;QACvB,IAAI,EAAE,qBAAqB;QAC3B,QAAQ,EAAE,SAAS;QACnB,UAAU,EAAE,mBAAmB;KAChC;IACD;QACE,OAAO,EAAE,aAAa;QACtB,IAAI,EAAE,mBAAmB;QACzB,QAAQ,EAAE,SAAS;QACnB,UAAU,EAAE,iBAAiB;KAC9B;IACD;QACE,OAAO,EAAE,aAAa;QACtB,IAAI,EAAE,gBAAgB;QACtB,QAAQ,EAAE,SAAS;QACnB,UAAU,EAAE,iBAAiB;KAC9B;IACD;QACE,OAAO,EAAE,iBAAiB;QAC1B,IAAI,EAAE,oBAAoB;QAC1B,QAAQ,EAAE,SAAS;QACnB,UAAU,EAAE,sBAAsB;KACnC;IAED,qDAAqD;IACrD,iCAAiC;IACjC,qDAAqD;IACrD;QACE,OAAO,EAAE,cAAc;QACvB,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,gBAAgB;QAC1B,UAAU,EAAE,WAAW;QACvB,MAAM,EACJ,oEAAoE;YACpE,sGAAsG;YACtG,uFAAuF;YACvF,6DAA6D;KAChE;IACD;QACE,OAAO,EAAE,OAAO;QAChB,IAAI,EAAE,qCAAqC;QAC3C,QAAQ,EAAE,gBAAgB;QAC1B,UAAU,EAAE,wBAAwB;QACpC,MAAM,EACJ,kFAAkF;YAClF,+EAA+E;YAC/E,gFAAgF;KACnF;IACD;QACE,OAAO,EAAE,WAAW;QACpB,IAAI,EAAE,2BAA2B;QACjC,QAAQ,EAAE,gBAAgB;QAC1B,UAAU,EAAE,SAAS;QACrB,MAAM,EACJ,6FAA6F;YAC7F,2CAA2C;KAC9C;IACD;QACE,OAAO,EAAE,YAAY;QACrB,IAAI,EAAE,mBAAmB;QACzB,QAAQ,EAAE,gBAAgB;QAC1B,UAAU,EAAE,SAAS;QACrB,MAAM,EAAE,yEAAyE;KAClF;IACD;QACE,OAAO,EAAE,UAAU;QACnB,IAAI,EAAE,+BAA+B;QACrC,QAAQ,EAAE,gBAAgB;QAC1B,UAAU,EAAE,SAAS;QACrB,MAAM,EACJ,8EAA8E;YAC9E,+DAA+D;KAClE;IACD;QACE,OAAO,EAAE,cAAc;QACvB,IAAI,EAAE,qBAAqB;QAC3B,QAAQ,EAAE,gBAAgB;QAC1B,UAAU,EAAE,SAAS;KACtB;IACD;QACE,OAAO,EAAE,QAAQ;QACjB,IAAI,EAAE,4BAA4B;QAClC,QAAQ,EAAE,gBAAgB;QAC1B,UAAU,EAAE,uBAAuB;QACnC,MAAM,EAAE,+DAA+D;KACxE;IAED,qDAAqD;IACrD,uBAAuB;IACvB,qDAAqD;IACrD;QACE,OAAO,EAAE,YAAY;QACrB,IAAI,EAAE,mCAAmC;QACzC,QAAQ,EAAE,UAAU;QACpB,UAAU,EAAE,YAAY;KACzB;IACD;QACE,OAAO,EAAE,WAAW;QACpB,IAAI,EAAE,2BAA2B;QACjC,QAAQ,EAAE,UAAU;QACpB,UAAU,EAAE,YAAY;KACzB;IACD;QACE,OAAO,EAAE,WAAW;QACpB,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,UAAU;QACpB,UAAU,EAAE,YAAY;KACzB;IACD;QACE,OAAO,EAAE,gBAAgB;QACzB,IAAI,EAAE,gCAAgC;QACtC,QAAQ,EAAE,UAAU;QACpB,UAAU,EAAE,YAAY;KACzB;IACD;QACE,OAAO,EAAE,aAAa;QACtB,IAAI,EAAE,2BAA2B;QACjC,QAAQ,EAAE,UAAU;QACpB,UAAU,EAAE,yBAAyB;QACrC,MAAM,EACJ,gGAAgG;KACnG;IACD;QACE,OAAO,EAAE,eAAe;QACxB,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,UAAU;QACpB,UAAU,EAAE,yBAAyB;KACtC;IACD;QACE,OAAO,EAAE,UAAU;QACnB,IAAI,EAAE,wBAAwB;QAC9B,QAAQ,EAAE,WAAW;QACrB,UAAU,EAAE,SAAS;KACtB;IACD;QACE,OAAO,EAAE,UAAU;QACnB,IAAI,EAAE,yBAAyB;QAC/B,QAAQ,EAAE,WAAW;QACrB,UAAU,EAAE,SAAS;KACtB;CACF,CAAC"}
@@ -0,0 +1,19 @@
1
+ export interface ErrorSignature {
2
+ /** Server or framework name */
3
+ server: string;
4
+ /** Patterns to match against the HTTP response */
5
+ patterns: {
6
+ /** Regex strings to match in the response body */
7
+ body?: string[];
8
+ /** Expected HTTP status code */
9
+ status?: number;
10
+ /** Regex patterns to match against response header values (header name -> regex) */
11
+ headers?: Record<string, string>;
12
+ };
13
+ /** URL paths that are likely to trigger this error page */
14
+ triggerPaths: string[];
15
+ /** Confidence score from 0.0 to 1.0 */
16
+ confidence: number;
17
+ }
18
+ export declare const ERROR_SIGNATURES: ErrorSignature[];
19
+ //# sourceMappingURL=error-signatures.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"error-signatures.d.ts","sourceRoot":"","sources":["../../src/data/error-signatures.ts"],"names":[],"mappings":"AAGA,MAAM,WAAW,cAAc;IAC7B,+BAA+B;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf,kDAAkD;IAClD,QAAQ,EAAE;QACR,kDAAkD;QAClD,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;QAChB,gCAAgC;QAChC,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,oFAAoF;QACpF,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;KAClC,CAAC;IACF,2DAA2D;IAC3D,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,uCAAuC;IACvC,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,eAAO,MAAM,gBAAgB,EAAE,cAAc,EA2U5C,CAAC"}
@@ -0,0 +1,321 @@
1
+ // error-signatures.ts — Error page patterns for server/framework fingerprinting
2
+ // Each signature maps a server or framework to the error response patterns it produces.
3
+ export const ERROR_SIGNATURES = [
4
+ // ── Apache HTTPD ───────────────────────────────────────────────────────
5
+ {
6
+ server: "Apache",
7
+ patterns: {
8
+ body: [
9
+ "<address>Apache\\/([\\d.]+)\\s*(?:\\(.*?\\))?\\s*Server at",
10
+ "Not Found.*The requested URL was not found on this server",
11
+ ],
12
+ status: 404,
13
+ headers: {
14
+ server: "^Apache\\/[\\d.]+",
15
+ },
16
+ },
17
+ triggerPaths: [
18
+ "/nonexistent-path-abc123",
19
+ "/this-does-not-exist.html",
20
+ ],
21
+ confidence: 0.9,
22
+ },
23
+ // ── Nginx ──────────────────────────────────────────────────────────────
24
+ {
25
+ server: "Nginx",
26
+ patterns: {
27
+ body: [
28
+ "<title>\\d{3}\\s+.*<\\/title>\\s*<\\/head>\\s*<body>\\s*<center><h1>\\d{3}",
29
+ "<hr><center>nginx\\/([\\d.]+)<\\/center>",
30
+ "<center>nginx<\\/center>",
31
+ ],
32
+ status: 404,
33
+ headers: {
34
+ server: "^nginx",
35
+ },
36
+ },
37
+ triggerPaths: [
38
+ "/nonexistent-path-abc123",
39
+ "/this-does-not-exist.html",
40
+ ],
41
+ confidence: 0.9,
42
+ },
43
+ // ── Microsoft IIS ──────────────────────────────────────────────────────
44
+ {
45
+ server: "IIS",
46
+ patterns: {
47
+ body: [
48
+ "Microsoft-IIS\\/([\\d.]+)",
49
+ '<span><H1>Server Error in \'.*?\' Application\\.<\\/H1>',
50
+ "HTTP Error \\d{3}\\.\\d+ - .*",
51
+ "Detailed Error Information:",
52
+ ],
53
+ status: 404,
54
+ headers: {
55
+ server: "^Microsoft-IIS\\/[\\d.]+",
56
+ "x-powered-by": "^ASP\\.NET",
57
+ },
58
+ },
59
+ triggerPaths: [
60
+ "/nonexistent.aspx",
61
+ "/nonexistent.asp",
62
+ "/trace.axd",
63
+ ],
64
+ confidence: 0.85,
65
+ },
66
+ // ── Apache Tomcat ──────────────────────────────────────────────────────
67
+ {
68
+ server: "Tomcat",
69
+ patterns: {
70
+ body: [
71
+ "<title>Apache Tomcat\\/([\\d.]+) - Error report<\\/title>",
72
+ "<h1>HTTP Status \\d{3} &ndash;",
73
+ "java\\.lang\\.\\w+Exception",
74
+ "org\\.apache\\.catalina\\.",
75
+ ],
76
+ status: 404,
77
+ headers: {
78
+ server: "^Apache-Coyote\\/[\\d.]+",
79
+ },
80
+ },
81
+ triggerPaths: [
82
+ "/nonexistent",
83
+ "/WEB-INF/",
84
+ "/META-INF/",
85
+ ],
86
+ confidence: 0.9,
87
+ },
88
+ // ── Express.js ─────────────────────────────────────────────────────────
89
+ {
90
+ server: "Express",
91
+ patterns: {
92
+ body: [
93
+ "Cannot GET \\/.*",
94
+ "Cannot POST \\/.*",
95
+ "ReferenceError:.*<br>\\s+at\\s+",
96
+ "<!DOCTYPE html>\\s*<html.*?>\\s*<head>\\s*<title>Error<\\/title>",
97
+ ],
98
+ status: 404,
99
+ headers: {
100
+ "x-powered-by": "^Express$",
101
+ },
102
+ },
103
+ triggerPaths: [
104
+ "/nonexistent-path",
105
+ "/%00",
106
+ ],
107
+ confidence: 0.85,
108
+ },
109
+ // ── Django ─────────────────────────────────────────────────────────────
110
+ {
111
+ server: "Django",
112
+ patterns: {
113
+ body: [
114
+ "Page not found \\(404\\)",
115
+ "You're seeing this error because you have <code>DEBUG = True<\\/code>",
116
+ "Using the URLconf defined in <code>.*?\\.urls<\\/code>",
117
+ "DisallowedHost at \\/",
118
+ "django\\.core\\.exceptions\\.DisallowedHost",
119
+ ],
120
+ status: 404,
121
+ headers: {
122
+ "x-frame-options": "^DENY$",
123
+ },
124
+ },
125
+ triggerPaths: [
126
+ "/nonexistent",
127
+ "/admin/nonexistent",
128
+ ],
129
+ confidence: 0.9,
130
+ },
131
+ // ── Laravel (Ignition) ────────────────────────────────────────────────
132
+ {
133
+ server: "Laravel",
134
+ patterns: {
135
+ body: [
136
+ "Whoops!\\s*<\\/h1>",
137
+ "Illuminate\\\\.*?Exception",
138
+ "ignition-ui",
139
+ "laravel_session",
140
+ "Symfony\\\\Component\\\\HttpKernel\\\\Exception\\\\NotFoundHttpException",
141
+ ],
142
+ status: 500,
143
+ headers: {
144
+ "set-cookie": "laravel_session=",
145
+ },
146
+ },
147
+ triggerPaths: [
148
+ "/nonexistent",
149
+ "/_ignition/health-check",
150
+ "/_ignition/execute-solution",
151
+ ],
152
+ confidence: 0.85,
153
+ },
154
+ // ── Spring Boot ────────────────────────────────────────────────────────
155
+ {
156
+ server: "Spring Boot",
157
+ patterns: {
158
+ body: [
159
+ "Whitelabel Error Page",
160
+ '"timestamp"\\s*:\\s*".*?"\\s*,\\s*"status"\\s*:\\s*\\d+\\s*,\\s*"error"\\s*:',
161
+ "This application has no explicit mapping for \\/error",
162
+ '"path"\\s*:\\s*"\\/.*?"',
163
+ ],
164
+ status: 404,
165
+ headers: {
166
+ "x-application-context": ".*",
167
+ },
168
+ },
169
+ triggerPaths: [
170
+ "/nonexistent",
171
+ "/error",
172
+ "/actuator",
173
+ ],
174
+ confidence: 0.9,
175
+ },
176
+ // ── Flask / Werkzeug ───────────────────────────────────────────────────
177
+ {
178
+ server: "Flask",
179
+ patterns: {
180
+ body: [
181
+ "werkzeug\\.exceptions\\.NotFound",
182
+ "The requested URL was not found on the server",
183
+ "<!DOCTYPE HTML PUBLIC.*?werkzeug",
184
+ "Traceback \\(most recent call last\\)",
185
+ "\\/console.*?__debugger__",
186
+ ],
187
+ status: 404,
188
+ headers: {
189
+ server: "^Werkzeug\\/[\\d.]+",
190
+ },
191
+ },
192
+ triggerPaths: [
193
+ "/nonexistent",
194
+ "/console",
195
+ ],
196
+ confidence: 0.85,
197
+ },
198
+ // ── Ruby on Rails ──────────────────────────────────────────────────────
199
+ {
200
+ server: "Rails",
201
+ patterns: {
202
+ body: [
203
+ "ActionController::RoutingError",
204
+ "No route matches \\[GET\\]",
205
+ "Rails\\.root:",
206
+ "<title>Action Controller: Exception caught<\\/title>",
207
+ "_rucksack_session",
208
+ ],
209
+ status: 404,
210
+ headers: {
211
+ "x-request-id": "^[0-9a-f-]{36}$",
212
+ "x-runtime": "^[\\d.]+$",
213
+ },
214
+ },
215
+ triggerPaths: [
216
+ "/nonexistent",
217
+ "/rails/info/properties",
218
+ ],
219
+ confidence: 0.85,
220
+ },
221
+ // ── FastAPI ────────────────────────────────────────────────────────────
222
+ {
223
+ server: "FastAPI",
224
+ patterns: {
225
+ body: [
226
+ '\\{"detail"\\s*:\\s*"Not Found"\\}',
227
+ '\\{"detail"\\s*:\\s*\\[\\{.*?"type"\\s*:',
228
+ ],
229
+ status: 404,
230
+ headers: {
231
+ "content-type": "^application\\/json",
232
+ },
233
+ },
234
+ triggerPaths: [
235
+ "/nonexistent",
236
+ "/docs",
237
+ "/openapi.json",
238
+ ],
239
+ confidence: 0.8,
240
+ },
241
+ // ── Gin (Go) ───────────────────────────────────────────────────────────
242
+ {
243
+ server: "Gin",
244
+ patterns: {
245
+ body: [
246
+ "^404 page not found$",
247
+ ],
248
+ status: 404,
249
+ headers: {
250
+ "content-type": "^text\\/plain",
251
+ },
252
+ },
253
+ triggerPaths: [
254
+ "/nonexistent",
255
+ ],
256
+ confidence: 0.7,
257
+ },
258
+ // ── ASP.NET ────────────────────────────────────────────────────────────
259
+ {
260
+ server: "ASP.NET",
261
+ patterns: {
262
+ body: [
263
+ "Server Error in '\\/.*?' Application",
264
+ "Runtime Error",
265
+ "\\[HttpException.*?\\]",
266
+ "Version Information:.*?Microsoft \\.NET Framework Version:",
267
+ "ASP\\.NET is configured to show.*?error messages",
268
+ ],
269
+ status: 500,
270
+ headers: {
271
+ "x-powered-by": "^ASP\\.NET",
272
+ "x-aspnet-version": "^[\\d.]+$",
273
+ },
274
+ },
275
+ triggerPaths: [
276
+ "/nonexistent.aspx",
277
+ "/elmah.axd",
278
+ "/Trace.axd",
279
+ ],
280
+ confidence: 0.9,
281
+ },
282
+ // ── Koa.js ─────────────────────────────────────────────────────────────
283
+ {
284
+ server: "Koa",
285
+ patterns: {
286
+ body: [
287
+ "^Not Found$",
288
+ "InternalServerError:.*at.*",
289
+ ],
290
+ status: 404,
291
+ headers: {
292
+ "x-koa-redis": ".*",
293
+ "content-type": "^text\\/plain",
294
+ },
295
+ },
296
+ triggerPaths: [
297
+ "/nonexistent",
298
+ ],
299
+ confidence: 0.6,
300
+ },
301
+ // ── Fiber (Go) ─────────────────────────────────────────────────────────
302
+ {
303
+ server: "Fiber",
304
+ patterns: {
305
+ body: [
306
+ "Cannot GET \\/.*",
307
+ "Cannot POST \\/.*",
308
+ ],
309
+ status: 404,
310
+ headers: {
311
+ "x-request-id": "^[0-9a-f-]{36}$",
312
+ "content-type": "^text\\/plain",
313
+ },
314
+ },
315
+ triggerPaths: [
316
+ "/nonexistent",
317
+ ],
318
+ confidence: 0.6,
319
+ },
320
+ ];
321
+ //# sourceMappingURL=error-signatures.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"error-signatures.js","sourceRoot":"","sources":["../../src/data/error-signatures.ts"],"names":[],"mappings":"AAAA,gFAAgF;AAChF,wFAAwF;AAoBxF,MAAM,CAAC,MAAM,gBAAgB,GAAqB;IAChD,0EAA0E;IAC1E;QACE,MAAM,EAAE,QAAQ;QAChB,QAAQ,EAAE;YACR,IAAI,EAAE;gBACJ,4DAA4D;gBAC5D,2DAA2D;aAC5D;YACD,MAAM,EAAE,GAAG;YACX,OAAO,EAAE;gBACP,MAAM,EAAE,mBAAmB;aAC5B;SACF;QACD,YAAY,EAAE;YACZ,0BAA0B;YAC1B,2BAA2B;SAC5B;QACD,UAAU,EAAE,GAAG;KAChB;IAED,0EAA0E;IAC1E;QACE,MAAM,EAAE,OAAO;QACf,QAAQ,EAAE;YACR,IAAI,EAAE;gBACJ,4EAA4E;gBAC5E,0CAA0C;gBAC1C,0BAA0B;aAC3B;YACD,MAAM,EAAE,GAAG;YACX,OAAO,EAAE;gBACP,MAAM,EAAE,QAAQ;aACjB;SACF;QACD,YAAY,EAAE;YACZ,0BAA0B;YAC1B,2BAA2B;SAC5B;QACD,UAAU,EAAE,GAAG;KAChB;IAED,0EAA0E;IAC1E;QACE,MAAM,EAAE,KAAK;QACb,QAAQ,EAAE;YACR,IAAI,EAAE;gBACJ,2BAA2B;gBAC3B,yDAAyD;gBACzD,+BAA+B;gBAC/B,6BAA6B;aAC9B;YACD,MAAM,EAAE,GAAG;YACX,OAAO,EAAE;gBACP,MAAM,EAAE,0BAA0B;gBAClC,cAAc,EAAE,YAAY;aAC7B;SACF;QACD,YAAY,EAAE;YACZ,mBAAmB;YACnB,kBAAkB;YAClB,YAAY;SACb;QACD,UAAU,EAAE,IAAI;KACjB;IAED,0EAA0E;IAC1E;QACE,MAAM,EAAE,QAAQ;QAChB,QAAQ,EAAE;YACR,IAAI,EAAE;gBACJ,2DAA2D;gBAC3D,gCAAgC;gBAChC,6BAA6B;gBAC7B,4BAA4B;aAC7B;YACD,MAAM,EAAE,GAAG;YACX,OAAO,EAAE;gBACP,MAAM,EAAE,0BAA0B;aACnC;SACF;QACD,YAAY,EAAE;YACZ,cAAc;YACd,WAAW;YACX,YAAY;SACb;QACD,UAAU,EAAE,GAAG;KAChB;IAED,0EAA0E;IAC1E;QACE,MAAM,EAAE,SAAS;QACjB,QAAQ,EAAE;YACR,IAAI,EAAE;gBACJ,kBAAkB;gBAClB,mBAAmB;gBACnB,iCAAiC;gBACjC,kEAAkE;aACnE;YACD,MAAM,EAAE,GAAG;YACX,OAAO,EAAE;gBACP,cAAc,EAAE,WAAW;aAC5B;SACF;QACD,YAAY,EAAE;YACZ,mBAAmB;YACnB,MAAM;SACP;QACD,UAAU,EAAE,IAAI;KACjB;IAED,0EAA0E;IAC1E;QACE,MAAM,EAAE,QAAQ;QAChB,QAAQ,EAAE;YACR,IAAI,EAAE;gBACJ,0BAA0B;gBAC1B,uEAAuE;gBACvE,wDAAwD;gBACxD,uBAAuB;gBACvB,6CAA6C;aAC9C;YACD,MAAM,EAAE,GAAG;YACX,OAAO,EAAE;gBACP,iBAAiB,EAAE,QAAQ;aAC5B;SACF;QACD,YAAY,EAAE;YACZ,cAAc;YACd,oBAAoB;SACrB;QACD,UAAU,EAAE,GAAG;KAChB;IAED,yEAAyE;IACzE;QACE,MAAM,EAAE,SAAS;QACjB,QAAQ,EAAE;YACR,IAAI,EAAE;gBACJ,oBAAoB;gBACpB,4BAA4B;gBAC5B,aAAa;gBACb,iBAAiB;gBACjB,0EAA0E;aAC3E;YACD,MAAM,EAAE,GAAG;YACX,OAAO,EAAE;gBACP,YAAY,EAAE,kBAAkB;aACjC;SACF;QACD,YAAY,EAAE;YACZ,cAAc;YACd,yBAAyB;YACzB,6BAA6B;SAC9B;QACD,UAAU,EAAE,IAAI;KACjB;IAED,0EAA0E;IAC1E;QACE,MAAM,EAAE,aAAa;QACrB,QAAQ,EAAE;YACR,IAAI,EAAE;gBACJ,uBAAuB;gBACvB,8EAA8E;gBAC9E,uDAAuD;gBACvD,yBAAyB;aAC1B;YACD,MAAM,EAAE,GAAG;YACX,OAAO,EAAE;gBACP,uBAAuB,EAAE,IAAI;aAC9B;SACF;QACD,YAAY,EAAE;YACZ,cAAc;YACd,QAAQ;YACR,WAAW;SACZ;QACD,UAAU,EAAE,GAAG;KAChB;IAED,0EAA0E;IAC1E;QACE,MAAM,EAAE,OAAO;QACf,QAAQ,EAAE;YACR,IAAI,EAAE;gBACJ,kCAAkC;gBAClC,+CAA+C;gBAC/C,kCAAkC;gBAClC,uCAAuC;gBACvC,2BAA2B;aAC5B;YACD,MAAM,EAAE,GAAG;YACX,OAAO,EAAE;gBACP,MAAM,EAAE,qBAAqB;aAC9B;SACF;QACD,YAAY,EAAE;YACZ,cAAc;YACd,UAAU;SACX;QACD,UAAU,EAAE,IAAI;KACjB;IAED,0EAA0E;IAC1E;QACE,MAAM,EAAE,OAAO;QACf,QAAQ,EAAE;YACR,IAAI,EAAE;gBACJ,gCAAgC;gBAChC,4BAA4B;gBAC5B,eAAe;gBACf,sDAAsD;gBACtD,mBAAmB;aACpB;YACD,MAAM,EAAE,GAAG;YACX,OAAO,EAAE;gBACP,cAAc,EAAE,iBAAiB;gBACjC,WAAW,EAAE,WAAW;aACzB;SACF;QACD,YAAY,EAAE;YACZ,cAAc;YACd,wBAAwB;SACzB;QACD,UAAU,EAAE,IAAI;KACjB;IAED,0EAA0E;IAC1E;QACE,MAAM,EAAE,SAAS;QACjB,QAAQ,EAAE;YACR,IAAI,EAAE;gBACJ,oCAAoC;gBACpC,0CAA0C;aAC3C;YACD,MAAM,EAAE,GAAG;YACX,OAAO,EAAE;gBACP,cAAc,EAAE,qBAAqB;aACtC;SACF;QACD,YAAY,EAAE;YACZ,cAAc;YACd,OAAO;YACP,eAAe;SAChB;QACD,UAAU,EAAE,GAAG;KAChB;IAED,0EAA0E;IAC1E;QACE,MAAM,EAAE,KAAK;QACb,QAAQ,EAAE;YACR,IAAI,EAAE;gBACJ,sBAAsB;aACvB;YACD,MAAM,EAAE,GAAG;YACX,OAAO,EAAE;gBACP,cAAc,EAAE,eAAe;aAChC;SACF;QACD,YAAY,EAAE;YACZ,cAAc;SACf;QACD,UAAU,EAAE,GAAG;KAChB;IAED,0EAA0E;IAC1E;QACE,MAAM,EAAE,SAAS;QACjB,QAAQ,EAAE;YACR,IAAI,EAAE;gBACJ,sCAAsC;gBACtC,eAAe;gBACf,wBAAwB;gBACxB,4DAA4D;gBAC5D,kDAAkD;aACnD;YACD,MAAM,EAAE,GAAG;YACX,OAAO,EAAE;gBACP,cAAc,EAAE,YAAY;gBAC5B,kBAAkB,EAAE,WAAW;aAChC;SACF;QACD,YAAY,EAAE;YACZ,mBAAmB;YACnB,YAAY;YACZ,YAAY;SACb;QACD,UAAU,EAAE,GAAG;KAChB;IAED,0EAA0E;IAC1E;QACE,MAAM,EAAE,KAAK;QACb,QAAQ,EAAE;YACR,IAAI,EAAE;gBACJ,aAAa;gBACb,4BAA4B;aAC7B;YACD,MAAM,EAAE,GAAG;YACX,OAAO,EAAE;gBACP,aAAa,EAAE,IAAI;gBACnB,cAAc,EAAE,eAAe;aAChC;SACF;QACD,YAAY,EAAE;YACZ,cAAc;SACf;QACD,UAAU,EAAE,GAAG;KAChB;IAED,0EAA0E;IAC1E;QACE,MAAM,EAAE,OAAO;QACf,QAAQ,EAAE;YACR,IAAI,EAAE;gBACJ,kBAAkB;gBAClB,mBAAmB;aACpB;YACD,MAAM,EAAE,GAAG;YACX,OAAO,EAAE;gBACP,cAAc,EAAE,iBAAiB;gBACjC,cAAc,EAAE,eAAe;aAChC;SACF;QACD,YAAY,EAAE;YACZ,cAAc;SACf;QACD,UAAU,EAAE,GAAG;KAChB;CACF,CAAC"}
@@ -0,0 +1,25 @@
1
+ /**
2
+ * Favicon MurmurHash3 database for application fingerprinting.
3
+ *
4
+ * Shodan computes a signed 32-bit MurmurHash3 of the raw favicon bytes (after
5
+ * base64-encoding and joining lines with \n). The resulting hash is deterministic
6
+ * for a given favicon file. Many applications ship a default favicon that never
7
+ * changes across installations, making the hash a reliable fingerprint.
8
+ *
9
+ * Usage in Shodan: http.favicon.hash:<hash>
10
+ *
11
+ * References:
12
+ * - https://www.shodan.io/search/facet?query=http.favicon.hash
13
+ * - https://github.com/Viralmaniar/Favicon-Hash-For-Shodan
14
+ */
15
+ /** A known favicon hash entry. */
16
+ export interface FaviconHash {
17
+ /** Signed 32-bit MurmurHash3 of the favicon */
18
+ hash: number;
19
+ /** Human-readable application name */
20
+ name: string;
21
+ /** Classification category */
22
+ category: "ci-cd" | "monitoring" | "firewall" | "network" | "cms" | "database" | "security" | "storage" | "management" | "other";
23
+ }
24
+ export declare const FAVICON_HASHES: FaviconHash[];
25
+ //# sourceMappingURL=favicon-hashes.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"favicon-hashes.d.ts","sourceRoot":"","sources":["../../src/data/favicon-hashes.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,kCAAkC;AAClC,MAAM,WAAW,WAAW;IAC1B,+CAA+C;IAC/C,IAAI,EAAE,MAAM,CAAC;IACb,sCAAsC;IACtC,IAAI,EAAE,MAAM,CAAC;IACb,8BAA8B;IAC9B,QAAQ,EACJ,OAAO,GACP,YAAY,GACZ,UAAU,GACV,SAAS,GACT,KAAK,GACL,UAAU,GACV,UAAU,GACV,SAAS,GACT,YAAY,GACZ,OAAO,CAAC;CACb;AAED,eAAO,MAAM,cAAc,EAAE,WAAW,EAiPvC,CAAC"}