fingerprint-mcp 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (269) hide show
  1. package/LICENSE +663 -0
  2. package/README.ar.md +767 -0
  3. package/README.bn.md +767 -0
  4. package/README.bs.md +767 -0
  5. package/README.da.md +767 -0
  6. package/README.de.md +770 -0
  7. package/README.el.md +767 -0
  8. package/README.es.md +769 -0
  9. package/README.fr.md +769 -0
  10. package/README.hi.md +767 -0
  11. package/README.it.md +767 -0
  12. package/README.ja.md +767 -0
  13. package/README.ko.md +772 -0
  14. package/README.md +767 -0
  15. package/README.no.md +767 -0
  16. package/README.pl.md +767 -0
  17. package/README.pt-BR.md +767 -0
  18. package/README.ru.md +767 -0
  19. package/README.th.md +767 -0
  20. package/README.tr.md +767 -0
  21. package/README.uk.md +767 -0
  22. package/README.vi.md +767 -0
  23. package/README.zh-TW.md +768 -0
  24. package/README.zh.md +768 -0
  25. package/dist/app/index.d.ts +3 -0
  26. package/dist/app/index.d.ts.map +1 -0
  27. package/dist/app/index.js +614 -0
  28. package/dist/app/index.js.map +1 -0
  29. package/dist/composite/analyze.d.ts +3 -0
  30. package/dist/composite/analyze.d.ts.map +1 -0
  31. package/dist/composite/analyze.js +59 -0
  32. package/dist/composite/analyze.js.map +1 -0
  33. package/dist/composite/correlate.d.ts +3 -0
  34. package/dist/composite/correlate.d.ts.map +1 -0
  35. package/dist/composite/correlate.js +184 -0
  36. package/dist/composite/correlate.js.map +1 -0
  37. package/dist/composite/enumerate.d.ts +3 -0
  38. package/dist/composite/enumerate.d.ts.map +1 -0
  39. package/dist/composite/enumerate.js +94 -0
  40. package/dist/composite/enumerate.js.map +1 -0
  41. package/dist/composite/helpers.d.ts +22 -0
  42. package/dist/composite/helpers.d.ts.map +1 -0
  43. package/dist/composite/helpers.js +111 -0
  44. package/dist/composite/helpers.js.map +1 -0
  45. package/dist/composite/index.d.ts +3 -0
  46. package/dist/composite/index.d.ts.map +1 -0
  47. package/dist/composite/index.js +29 -0
  48. package/dist/composite/index.js.map +1 -0
  49. package/dist/composite/meta.d.ts +3 -0
  50. package/dist/composite/meta.d.ts.map +1 -0
  51. package/dist/composite/meta.js +23 -0
  52. package/dist/composite/meta.js.map +1 -0
  53. package/dist/composite/osint.d.ts +3 -0
  54. package/dist/composite/osint.d.ts.map +1 -0
  55. package/dist/composite/osint.js +40 -0
  56. package/dist/composite/osint.js.map +1 -0
  57. package/dist/composite/recon.d.ts +3 -0
  58. package/dist/composite/recon.d.ts.map +1 -0
  59. package/dist/composite/recon.js +131 -0
  60. package/dist/composite/recon.js.map +1 -0
  61. package/dist/composite/scan-dns.d.ts +3 -0
  62. package/dist/composite/scan-dns.d.ts.map +1 -0
  63. package/dist/composite/scan-dns.js +44 -0
  64. package/dist/composite/scan-dns.js.map +1 -0
  65. package/dist/composite/scan-http.d.ts +3 -0
  66. package/dist/composite/scan-http.d.ts.map +1 -0
  67. package/dist/composite/scan-http.js +68 -0
  68. package/dist/composite/scan-http.js.map +1 -0
  69. package/dist/composite/scan-paths.d.ts +3 -0
  70. package/dist/composite/scan-paths.d.ts.map +1 -0
  71. package/dist/composite/scan-paths.js +32 -0
  72. package/dist/composite/scan-paths.js.map +1 -0
  73. package/dist/composite/scan-ports.d.ts +3 -0
  74. package/dist/composite/scan-ports.d.ts.map +1 -0
  75. package/dist/composite/scan-ports.js +79 -0
  76. package/dist/composite/scan-ports.js.map +1 -0
  77. package/dist/composite/scan-services.d.ts +3 -0
  78. package/dist/composite/scan-services.d.ts.map +1 -0
  79. package/dist/composite/scan-services.js +111 -0
  80. package/dist/composite/scan-services.js.map +1 -0
  81. package/dist/composite/scan-tls.d.ts +3 -0
  82. package/dist/composite/scan-tls.d.ts.map +1 -0
  83. package/dist/composite/scan-tls.js +32 -0
  84. package/dist/composite/scan-tls.js.map +1 -0
  85. package/dist/composite/scan-waf.d.ts +3 -0
  86. package/dist/composite/scan-waf.d.ts.map +1 -0
  87. package/dist/composite/scan-waf.js +35 -0
  88. package/dist/composite/scan-waf.js.map +1 -0
  89. package/dist/correlation/index.d.ts +3 -0
  90. package/dist/correlation/index.d.ts.map +1 -0
  91. package/dist/correlation/index.js +1044 -0
  92. package/dist/correlation/index.js.map +1 -0
  93. package/dist/data/analytics-patterns.d.ts +21 -0
  94. package/dist/data/analytics-patterns.d.ts.map +1 -0
  95. package/dist/data/analytics-patterns.js +449 -0
  96. package/dist/data/analytics-patterns.js.map +1 -0
  97. package/dist/data/app-signatures.d.ts +52 -0
  98. package/dist/data/app-signatures.d.ts.map +1 -0
  99. package/dist/data/app-signatures.js +1143 -0
  100. package/dist/data/app-signatures.js.map +1 -0
  101. package/dist/data/c2-signatures.d.ts +54 -0
  102. package/dist/data/c2-signatures.d.ts.map +1 -0
  103. package/dist/data/c2-signatures.js +256 -0
  104. package/dist/data/c2-signatures.js.map +1 -0
  105. package/dist/data/cloud-ranges.d.ts +34 -0
  106. package/dist/data/cloud-ranges.d.ts.map +1 -0
  107. package/dist/data/cloud-ranges.js +628 -0
  108. package/dist/data/cloud-ranges.js.map +1 -0
  109. package/dist/data/cookie-patterns.d.ts +28 -0
  110. package/dist/data/cookie-patterns.d.ts.map +1 -0
  111. package/dist/data/cookie-patterns.js +225 -0
  112. package/dist/data/cookie-patterns.js.map +1 -0
  113. package/dist/data/error-signatures.d.ts +19 -0
  114. package/dist/data/error-signatures.d.ts.map +1 -0
  115. package/dist/data/error-signatures.js +321 -0
  116. package/dist/data/error-signatures.js.map +1 -0
  117. package/dist/data/favicon-hashes.d.ts +25 -0
  118. package/dist/data/favicon-hashes.d.ts.map +1 -0
  119. package/dist/data/favicon-hashes.js +249 -0
  120. package/dist/data/favicon-hashes.js.map +1 -0
  121. package/dist/data/h2-signatures.d.ts +50 -0
  122. package/dist/data/h2-signatures.d.ts.map +1 -0
  123. package/dist/data/h2-signatures.js +211 -0
  124. package/dist/data/h2-signatures.js.map +1 -0
  125. package/dist/data/header-order.d.ts +38 -0
  126. package/dist/data/header-order.d.ts.map +1 -0
  127. package/dist/data/header-order.js +185 -0
  128. package/dist/data/header-order.js.map +1 -0
  129. package/dist/data/jarm-signatures.d.ts +25 -0
  130. package/dist/data/jarm-signatures.d.ts.map +1 -0
  131. package/dist/data/jarm-signatures.js +213 -0
  132. package/dist/data/jarm-signatures.js.map +1 -0
  133. package/dist/data/saas-patterns.d.ts +23 -0
  134. package/dist/data/saas-patterns.d.ts.map +1 -0
  135. package/dist/data/saas-patterns.js +139 -0
  136. package/dist/data/saas-patterns.js.map +1 -0
  137. package/dist/data/sensitive-paths.d.ts +12 -0
  138. package/dist/data/sensitive-paths.d.ts.map +1 -0
  139. package/dist/data/sensitive-paths.js +1539 -0
  140. package/dist/data/sensitive-paths.js.map +1 -0
  141. package/dist/data/service-banners.d.ts +59 -0
  142. package/dist/data/service-banners.d.ts.map +1 -0
  143. package/dist/data/service-banners.js +323 -0
  144. package/dist/data/service-banners.js.map +1 -0
  145. package/dist/data/smtp-signatures.d.ts +12 -0
  146. package/dist/data/smtp-signatures.d.ts.map +1 -0
  147. package/dist/data/smtp-signatures.js +350 -0
  148. package/dist/data/smtp-signatures.js.map +1 -0
  149. package/dist/data/takeover-patterns.d.ts +37 -0
  150. package/dist/data/takeover-patterns.d.ts.map +1 -0
  151. package/dist/data/takeover-patterns.js +249 -0
  152. package/dist/data/takeover-patterns.js.map +1 -0
  153. package/dist/data/tech-patterns.d.ts +44 -0
  154. package/dist/data/tech-patterns.d.ts.map +1 -0
  155. package/dist/data/tech-patterns.js +690 -0
  156. package/dist/data/tech-patterns.js.map +1 -0
  157. package/dist/data/waf-signatures.d.ts +21 -0
  158. package/dist/data/waf-signatures.d.ts.map +1 -0
  159. package/dist/data/waf-signatures.js +318 -0
  160. package/dist/data/waf-signatures.js.map +1 -0
  161. package/dist/dns/index.d.ts +3 -0
  162. package/dist/dns/index.d.ts.map +1 -0
  163. package/dist/dns/index.js +1067 -0
  164. package/dist/dns/index.js.map +1 -0
  165. package/dist/enum/index.d.ts +3 -0
  166. package/dist/enum/index.d.ts.map +1 -0
  167. package/dist/enum/index.js +818 -0
  168. package/dist/enum/index.js.map +1 -0
  169. package/dist/h2/index.d.ts +3 -0
  170. package/dist/h2/index.d.ts.map +1 -0
  171. package/dist/h2/index.js +414 -0
  172. package/dist/h2/index.js.map +1 -0
  173. package/dist/http/index.d.ts +3 -0
  174. package/dist/http/index.d.ts.map +1 -0
  175. package/dist/http/index.js +2444 -0
  176. package/dist/http/index.js.map +1 -0
  177. package/dist/identify/index.d.ts +3 -0
  178. package/dist/identify/index.d.ts.map +1 -0
  179. package/dist/identify/index.js +447 -0
  180. package/dist/identify/index.js.map +1 -0
  181. package/dist/index.d.ts +3 -0
  182. package/dist/index.d.ts.map +1 -0
  183. package/dist/index.js +165 -0
  184. package/dist/index.js.map +1 -0
  185. package/dist/infra/index.d.ts +3 -0
  186. package/dist/infra/index.d.ts.map +1 -0
  187. package/dist/infra/index.js +989 -0
  188. package/dist/infra/index.js.map +1 -0
  189. package/dist/iot/index.d.ts +3 -0
  190. package/dist/iot/index.d.ts.map +1 -0
  191. package/dist/iot/index.js +610 -0
  192. package/dist/iot/index.js.map +1 -0
  193. package/dist/meta/index.d.ts +3 -0
  194. package/dist/meta/index.d.ts.map +1 -0
  195. package/dist/meta/index.js +442 -0
  196. package/dist/meta/index.js.map +1 -0
  197. package/dist/osint/index.d.ts +3 -0
  198. package/dist/osint/index.d.ts.map +1 -0
  199. package/dist/osint/index.js +687 -0
  200. package/dist/osint/index.js.map +1 -0
  201. package/dist/passive/index.d.ts +3 -0
  202. package/dist/passive/index.d.ts.map +1 -0
  203. package/dist/passive/index.js +944 -0
  204. package/dist/passive/index.js.map +1 -0
  205. package/dist/path/index.d.ts +3 -0
  206. package/dist/path/index.d.ts.map +1 -0
  207. package/dist/path/index.js +878 -0
  208. package/dist/path/index.js.map +1 -0
  209. package/dist/protocol/mcp-server.d.ts +4 -0
  210. package/dist/protocol/mcp-server.d.ts.map +1 -0
  211. package/dist/protocol/mcp-server.js +32 -0
  212. package/dist/protocol/mcp-server.js.map +1 -0
  213. package/dist/protocol/tools.d.ts +3 -0
  214. package/dist/protocol/tools.d.ts.map +1 -0
  215. package/dist/protocol/tools.js +5 -0
  216. package/dist/protocol/tools.js.map +1 -0
  217. package/dist/service/index.d.ts +3 -0
  218. package/dist/service/index.d.ts.map +1 -0
  219. package/dist/service/index.js +1053 -0
  220. package/dist/service/index.js.map +1 -0
  221. package/dist/smtp/index.d.ts +3 -0
  222. package/dist/smtp/index.d.ts.map +1 -0
  223. package/dist/smtp/index.js +437 -0
  224. package/dist/smtp/index.js.map +1 -0
  225. package/dist/ssh/index.d.ts +3 -0
  226. package/dist/ssh/index.d.ts.map +1 -0
  227. package/dist/ssh/index.js +676 -0
  228. package/dist/ssh/index.js.map +1 -0
  229. package/dist/tcp/index.d.ts +3 -0
  230. package/dist/tcp/index.d.ts.map +1 -0
  231. package/dist/tcp/index.js +369 -0
  232. package/dist/tcp/index.js.map +1 -0
  233. package/dist/timing/index.d.ts +3 -0
  234. package/dist/timing/index.d.ts.map +1 -0
  235. package/dist/timing/index.js +425 -0
  236. package/dist/timing/index.js.map +1 -0
  237. package/dist/tls/index.d.ts +3 -0
  238. package/dist/tls/index.d.ts.map +1 -0
  239. package/dist/tls/index.js +1332 -0
  240. package/dist/tls/index.js.map +1 -0
  241. package/dist/types/index.d.ts +26 -0
  242. package/dist/types/index.d.ts.map +1 -0
  243. package/dist/types/index.js +8 -0
  244. package/dist/types/index.js.map +1 -0
  245. package/dist/utils/cache.d.ts +11 -0
  246. package/dist/utils/cache.d.ts.map +1 -0
  247. package/dist/utils/cache.js +35 -0
  248. package/dist/utils/cache.js.map +1 -0
  249. package/dist/utils/murmurhash3.d.ts +3 -0
  250. package/dist/utils/murmurhash3.d.ts.map +1 -0
  251. package/dist/utils/murmurhash3.js +57 -0
  252. package/dist/utils/murmurhash3.js.map +1 -0
  253. package/dist/utils/rate-limiter.d.ts +10 -0
  254. package/dist/utils/rate-limiter.d.ts.map +1 -0
  255. package/dist/utils/rate-limiter.js +35 -0
  256. package/dist/utils/rate-limiter.js.map +1 -0
  257. package/dist/utils/require-key.d.ts +2 -0
  258. package/dist/utils/require-key.d.ts.map +1 -0
  259. package/dist/utils/require-key.js +8 -0
  260. package/dist/utils/require-key.js.map +1 -0
  261. package/dist/waf/index.d.ts +3 -0
  262. package/dist/waf/index.d.ts.map +1 -0
  263. package/dist/waf/index.js +767 -0
  264. package/dist/waf/index.js.map +1 -0
  265. package/dist/web/index.d.ts +3 -0
  266. package/dist/web/index.d.ts.map +1 -0
  267. package/dist/web/index.js +1366 -0
  268. package/dist/web/index.js.map +1 -0
  269. package/package.json +66 -0
@@ -0,0 +1,249 @@
1
+ /**
2
+ * Favicon MurmurHash3 database for application fingerprinting.
3
+ *
4
+ * Shodan computes a signed 32-bit MurmurHash3 of the raw favicon bytes (after
5
+ * base64-encoding and joining lines with \n). The resulting hash is deterministic
6
+ * for a given favicon file. Many applications ship a default favicon that never
7
+ * changes across installations, making the hash a reliable fingerprint.
8
+ *
9
+ * Usage in Shodan: http.favicon.hash:<hash>
10
+ *
11
+ * References:
12
+ * - https://www.shodan.io/search/facet?query=http.favicon.hash
13
+ * - https://github.com/Viralmaniar/Favicon-Hash-For-Shodan
14
+ */
15
+ export const FAVICON_HASHES = [
16
+ // ──────────────────────────────────────────────────
17
+ // CI/CD & DevOps
18
+ // ──────────────────────────────────────────────────
19
+ {
20
+ hash: -586023785,
21
+ name: "Jenkins",
22
+ category: "ci-cd",
23
+ },
24
+ {
25
+ hash: 81586312,
26
+ name: "Jenkins (blue ocean)",
27
+ category: "ci-cd",
28
+ },
29
+ {
30
+ hash: -1293290337,
31
+ name: "GitLab CE/EE",
32
+ category: "ci-cd",
33
+ },
34
+ {
35
+ hash: -1231872293,
36
+ name: "Argo CD",
37
+ category: "ci-cd",
38
+ },
39
+ {
40
+ hash: 1485257654,
41
+ name: "Sonatype Nexus Repository",
42
+ category: "ci-cd",
43
+ },
44
+ {
45
+ hash: -473653720,
46
+ name: "JFrog Artifactory",
47
+ category: "ci-cd",
48
+ },
49
+ {
50
+ hash: 1917443752,
51
+ name: "SonarQube",
52
+ category: "ci-cd",
53
+ },
54
+ {
55
+ hash: 595148549,
56
+ name: "Harbor Registry",
57
+ category: "ci-cd",
58
+ },
59
+ // ──────────────────────────────────────────────────
60
+ // Monitoring & Observability
61
+ // ──────────────────────────────────────────────────
62
+ {
63
+ hash: -1399433489,
64
+ name: "Grafana",
65
+ category: "monitoring",
66
+ },
67
+ {
68
+ hash: -1811827550,
69
+ name: "Kibana",
70
+ category: "monitoring",
71
+ },
72
+ {
73
+ hash: 1571196100,
74
+ name: "Prometheus",
75
+ category: "monitoring",
76
+ },
77
+ {
78
+ hash: -580765191,
79
+ name: "Graylog",
80
+ category: "monitoring",
81
+ },
82
+ {
83
+ hash: 999357577,
84
+ name: "Zabbix",
85
+ category: "monitoring",
86
+ },
87
+ {
88
+ hash: -412708573,
89
+ name: "Nagios",
90
+ category: "monitoring",
91
+ },
92
+ {
93
+ hash: -54810069,
94
+ name: "Cacti",
95
+ category: "monitoring",
96
+ },
97
+ // ──────────────────────────────────────────────────
98
+ // Firewalls & Network Security
99
+ // ──────────────────────────────────────────────────
100
+ {
101
+ hash: 945408572,
102
+ name: "FortiGate (Fortinet)",
103
+ category: "firewall",
104
+ },
105
+ {
106
+ hash: -305179312,
107
+ name: "pfSense",
108
+ category: "firewall",
109
+ },
110
+ {
111
+ hash: 1485478972,
112
+ name: "OPNsense",
113
+ category: "firewall",
114
+ },
115
+ {
116
+ hash: 362091310,
117
+ name: "Citrix NetScaler / ADC",
118
+ category: "firewall",
119
+ },
120
+ // ──────────────────────────────────────────────────
121
+ // Network Equipment & Infrastructure
122
+ // ──────────────────────────────────────────────────
123
+ {
124
+ hash: -1011037059,
125
+ name: "Ubiquiti UniFi Controller",
126
+ category: "network",
127
+ },
128
+ {
129
+ hash: 1898498554,
130
+ name: "MikroTik RouterOS",
131
+ category: "network",
132
+ },
133
+ {
134
+ hash: -831237885,
135
+ name: "Traefik Dashboard",
136
+ category: "network",
137
+ },
138
+ // ──────────────────────────────────────────────────
139
+ // CMS & Web Applications
140
+ // ──────────────────────────────────────────────────
141
+ {
142
+ hash: -335242539,
143
+ name: "phpMyAdmin",
144
+ category: "cms",
145
+ },
146
+ {
147
+ hash: 116323821,
148
+ name: "Spring Boot (default Leaf favicon)",
149
+ category: "cms",
150
+ },
151
+ {
152
+ hash: 1117779739,
153
+ name: "Apache Tomcat (default)",
154
+ category: "cms",
155
+ },
156
+ {
157
+ hash: -428315662,
158
+ name: "Webmin",
159
+ category: "cms",
160
+ },
161
+ {
162
+ hash: -160464759,
163
+ name: "cPanel",
164
+ category: "cms",
165
+ },
166
+ {
167
+ hash: -2044357687,
168
+ name: "Plesk",
169
+ category: "cms",
170
+ },
171
+ {
172
+ hash: -244487534,
173
+ name: "RabbitMQ Management",
174
+ category: "cms",
175
+ },
176
+ // ──────────────────────────────────────────────────
177
+ // Database & Search
178
+ // ──────────────────────────────────────────────────
179
+ {
180
+ hash: -536764016,
181
+ name: "Elasticsearch",
182
+ category: "database",
183
+ },
184
+ {
185
+ hash: -656811182,
186
+ name: "CouchDB Fauxton",
187
+ category: "database",
188
+ },
189
+ // ──────────────────────────────────────────────────
190
+ // Security & IAM
191
+ // ──────────────────────────────────────────────────
192
+ {
193
+ hash: -1073546895,
194
+ name: "HashiCorp Vault",
195
+ category: "security",
196
+ },
197
+ {
198
+ hash: 113734322,
199
+ name: "HashiCorp Consul",
200
+ category: "security",
201
+ },
202
+ {
203
+ hash: -1166125415,
204
+ name: "Keycloak",
205
+ category: "security",
206
+ },
207
+ // ──────────────────────────────────────────────────
208
+ // Storage & NAS
209
+ // ──────────────────────────────────────────────────
210
+ {
211
+ hash: -822940097,
212
+ name: "MinIO",
213
+ category: "storage",
214
+ },
215
+ {
216
+ hash: -1535817075,
217
+ name: "Synology DSM",
218
+ category: "storage",
219
+ },
220
+ {
221
+ hash: 1262005765,
222
+ name: "QNAP QTS",
223
+ category: "storage",
224
+ },
225
+ // ──────────────────────────────────────────────────
226
+ // Management & Orchestration
227
+ // ──────────────────────────────────────────────────
228
+ {
229
+ hash: -1889921692,
230
+ name: "Atlassian Jira",
231
+ category: "management",
232
+ },
233
+ {
234
+ hash: -305317842,
235
+ name: "Atlassian Confluence",
236
+ category: "management",
237
+ },
238
+ {
239
+ hash: -1950415971,
240
+ name: "Kubernetes Dashboard",
241
+ category: "management",
242
+ },
243
+ {
244
+ hash: 671932091,
245
+ name: "Portainer",
246
+ category: "management",
247
+ },
248
+ ];
249
+ //# sourceMappingURL=favicon-hashes.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"favicon-hashes.js","sourceRoot":"","sources":["../../src/data/favicon-hashes.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAsBH,MAAM,CAAC,MAAM,cAAc,GAAkB;IAC3C,qDAAqD;IACrD,iBAAiB;IACjB,qDAAqD;IACrD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,SAAS;QACf,QAAQ,EAAE,OAAO;KAClB;IACD;QACE,IAAI,EAAE,QAAQ;QACd,IAAI,EAAE,sBAAsB;QAC5B,QAAQ,EAAE,OAAO;KAClB;IACD;QACE,IAAI,EAAE,CAAC,UAAU;QACjB,IAAI,EAAE,cAAc;QACpB,QAAQ,EAAE,OAAO;KAClB;IACD;QACE,IAAI,EAAE,CAAC,UAAU;QACjB,IAAI,EAAE,SAAS;QACf,QAAQ,EAAE,OAAO;KAClB;IACD;QACE,IAAI,EAAE,UAAU;QAChB,IAAI,EAAE,2BAA2B;QACjC,QAAQ,EAAE,OAAO;KAClB;IACD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,mBAAmB;QACzB,QAAQ,EAAE,OAAO;KAClB;IACD;QACE,IAAI,EAAE,UAAU;QAChB,IAAI,EAAE,WAAW;QACjB,QAAQ,EAAE,OAAO;KAClB;IACD;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,iBAAiB;QACvB,QAAQ,EAAE,OAAO;KAClB;IAED,qDAAqD;IACrD,6BAA6B;IAC7B,qDAAqD;IACrD;QACE,IAAI,EAAE,CAAC,UAAU;QACjB,IAAI,EAAE,SAAS;QACf,QAAQ,EAAE,YAAY;KACvB;IACD;QACE,IAAI,EAAE,CAAC,UAAU;QACjB,IAAI,EAAE,QAAQ;QACd,QAAQ,EAAE,YAAY;KACvB;IACD;QACE,IAAI,EAAE,UAAU;QAChB,IAAI,EAAE,YAAY;QAClB,QAAQ,EAAE,YAAY;KACvB;IACD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,SAAS;QACf,QAAQ,EAAE,YAAY;KACvB;IACD;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,QAAQ;QACd,QAAQ,EAAE,YAAY;KACvB;IACD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,QAAQ;QACd,QAAQ,EAAE,YAAY;KACvB;IACD;QACE,IAAI,EAAE,CAAC,QAAQ;QACf,IAAI,EAAE,OAAO;QACb,QAAQ,EAAE,YAAY;KACvB;IAED,qDAAqD;IACrD,+BAA+B;IAC/B,qDAAqD;IACrD;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,sBAAsB;QAC5B,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,SAAS;QACf,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,IAAI,EAAE,UAAU;QAChB,IAAI,EAAE,UAAU;QAChB,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,wBAAwB;QAC9B,QAAQ,EAAE,UAAU;KACrB;IAED,qDAAqD;IACrD,qCAAqC;IACrC,qDAAqD;IACrD;QACE,IAAI,EAAE,CAAC,UAAU;QACjB,IAAI,EAAE,2BAA2B;QACjC,QAAQ,EAAE,SAAS;KACpB;IACD;QACE,IAAI,EAAE,UAAU;QAChB,IAAI,EAAE,mBAAmB;QACzB,QAAQ,EAAE,SAAS;KACpB;IACD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,mBAAmB;QACzB,QAAQ,EAAE,SAAS;KACpB;IAED,qDAAqD;IACrD,yBAAyB;IACzB,qDAAqD;IACrD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,YAAY;QAClB,QAAQ,EAAE,KAAK;KAChB;IACD;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,oCAAoC;QAC1C,QAAQ,EAAE,KAAK;KAChB;IACD;QACE,IAAI,EAAE,UAAU;QAChB,IAAI,EAAE,yBAAyB;QAC/B,QAAQ,EAAE,KAAK;KAChB;IACD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,QAAQ;QACd,QAAQ,EAAE,KAAK;KAChB;IACD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,QAAQ;QACd,QAAQ,EAAE,KAAK;KAChB;IACD;QACE,IAAI,EAAE,CAAC,UAAU;QACjB,IAAI,EAAE,OAAO;QACb,QAAQ,EAAE,KAAK;KAChB;IACD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,qBAAqB;QAC3B,QAAQ,EAAE,KAAK;KAChB;IAED,qDAAqD;IACrD,oBAAoB;IACpB,qDAAqD;IACrD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,eAAe;QACrB,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,iBAAiB;QACvB,QAAQ,EAAE,UAAU;KACrB;IAED,qDAAqD;IACrD,iBAAiB;IACjB,qDAAqD;IACrD;QACE,IAAI,EAAE,CAAC,UAAU;QACjB,IAAI,EAAE,iBAAiB;QACvB,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,kBAAkB;QACxB,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,IAAI,EAAE,CAAC,UAAU;QACjB,IAAI,EAAE,UAAU;QAChB,QAAQ,EAAE,UAAU;KACrB;IAED,qDAAqD;IACrD,gBAAgB;IAChB,qDAAqD;IACrD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,OAAO;QACb,QAAQ,EAAE,SAAS;KACpB;IACD;QACE,IAAI,EAAE,CAAC,UAAU;QACjB,IAAI,EAAE,cAAc;QACpB,QAAQ,EAAE,SAAS;KACpB;IACD;QACE,IAAI,EAAE,UAAU;QAChB,IAAI,EAAE,UAAU;QAChB,QAAQ,EAAE,SAAS;KACpB;IAED,qDAAqD;IACrD,6BAA6B;IAC7B,qDAAqD;IACrD;QACE,IAAI,EAAE,CAAC,UAAU;QACjB,IAAI,EAAE,gBAAgB;QACtB,QAAQ,EAAE,YAAY;KACvB;IACD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,sBAAsB;QAC5B,QAAQ,EAAE,YAAY;KACvB;IACD;QACE,IAAI,EAAE,CAAC,UAAU;QACjB,IAAI,EAAE,sBAAsB;QAC5B,QAAQ,EAAE,YAAY;KACvB;IACD;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,WAAW;QACjB,QAAQ,EAAE,YAAY;KACvB;CACF,CAAC"}
@@ -0,0 +1,50 @@
1
+ /**
2
+ * HTTP/2 SETTINGS frame fingerprints for server implementation identification.
3
+ *
4
+ * When an HTTP/2 connection is established, the server sends a SETTINGS frame
5
+ * (RFC 7540 Section 6.5) containing its preferred protocol parameters. Different
6
+ * HTTP/2 implementations choose distinct default values and orderings for these
7
+ * settings, creating a reliable passive fingerprint.
8
+ *
9
+ * Additionally, idle connection GOAWAY behavior (timeout duration and debug data)
10
+ * varies across implementations, providing a secondary identification signal.
11
+ *
12
+ * SETTINGS frame parameters (RFC 7540 Section 6.5.2):
13
+ * - HEADER_TABLE_SIZE (0x1) - HPACK dynamic table size
14
+ * - ENABLE_PUSH (0x2) - Server push enabled (0 or 1)
15
+ * - MAX_CONCURRENT_STREAMS (0x3) - Max simultaneous streams
16
+ * - INITIAL_WINDOW_SIZE (0x4) - Flow-control window size
17
+ * - MAX_FRAME_SIZE (0x5) - Largest frame payload
18
+ * - MAX_HEADER_LIST_SIZE (0x6) - Max header list size
19
+ *
20
+ * References:
21
+ * - RFC 7540 (HTTP/2)
22
+ * - https://github.com/AliasIO/wappalyzer
23
+ * - https://www.blackhat.com/docs/eu-17/materials/eu-17-Shuster-Passive-Fingerprinting-Of-HTTP2-Clients-wp.pdf
24
+ */
25
+ /** HTTP/2 SETTINGS frame signature for a known server implementation. */
26
+ export interface H2Signature {
27
+ /** Server or implementation name */
28
+ server: string;
29
+ /** Expected SETTINGS frame parameters (undefined means the setting is not sent) */
30
+ settings: {
31
+ /** HPACK header table size in bytes */
32
+ headerTableSize?: number;
33
+ /** Whether server push is enabled (0 = disabled, 1 = enabled) */
34
+ enablePush?: number;
35
+ /** Maximum number of concurrent streams */
36
+ maxConcurrentStreams?: number;
37
+ /** Initial flow-control window size in bytes */
38
+ initialWindowSize?: number;
39
+ /** Maximum frame payload size in bytes */
40
+ maxFrameSize?: number;
41
+ /** Maximum header list size in bytes */
42
+ maxHeaderListSize?: number;
43
+ };
44
+ /** Idle timeout in seconds before the server sends GOAWAY */
45
+ goawayTimeout?: number;
46
+ /** Expected content of the GOAWAY debug data field */
47
+ goawayDebugData?: string;
48
+ }
49
+ export declare const H2_SIGNATURES: H2Signature[];
50
+ //# sourceMappingURL=h2-signatures.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"h2-signatures.d.ts","sourceRoot":"","sources":["../../src/data/h2-signatures.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAEH,yEAAyE;AACzE,MAAM,WAAW,WAAW;IAC1B,oCAAoC;IACpC,MAAM,EAAE,MAAM,CAAC;IACf,mFAAmF;IACnF,QAAQ,EAAE;QACR,uCAAuC;QACvC,eAAe,CAAC,EAAE,MAAM,CAAC;QACzB,iEAAiE;QACjE,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,2CAA2C;QAC3C,oBAAoB,CAAC,EAAE,MAAM,CAAC;QAC9B,gDAAgD;QAChD,iBAAiB,CAAC,EAAE,MAAM,CAAC;QAC3B,0CAA0C;QAC1C,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,wCAAwC;QACxC,iBAAiB,CAAC,EAAE,MAAM,CAAC;KAC5B,CAAC;IACF,6DAA6D;IAC7D,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,sDAAsD;IACtD,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED,eAAO,MAAM,aAAa,EAAE,WAAW,EAyLtC,CAAC"}
@@ -0,0 +1,211 @@
1
+ /**
2
+ * HTTP/2 SETTINGS frame fingerprints for server implementation identification.
3
+ *
4
+ * When an HTTP/2 connection is established, the server sends a SETTINGS frame
5
+ * (RFC 7540 Section 6.5) containing its preferred protocol parameters. Different
6
+ * HTTP/2 implementations choose distinct default values and orderings for these
7
+ * settings, creating a reliable passive fingerprint.
8
+ *
9
+ * Additionally, idle connection GOAWAY behavior (timeout duration and debug data)
10
+ * varies across implementations, providing a secondary identification signal.
11
+ *
12
+ * SETTINGS frame parameters (RFC 7540 Section 6.5.2):
13
+ * - HEADER_TABLE_SIZE (0x1) - HPACK dynamic table size
14
+ * - ENABLE_PUSH (0x2) - Server push enabled (0 or 1)
15
+ * - MAX_CONCURRENT_STREAMS (0x3) - Max simultaneous streams
16
+ * - INITIAL_WINDOW_SIZE (0x4) - Flow-control window size
17
+ * - MAX_FRAME_SIZE (0x5) - Largest frame payload
18
+ * - MAX_HEADER_LIST_SIZE (0x6) - Max header list size
19
+ *
20
+ * References:
21
+ * - RFC 7540 (HTTP/2)
22
+ * - https://github.com/AliasIO/wappalyzer
23
+ * - https://www.blackhat.com/docs/eu-17/materials/eu-17-Shuster-Passive-Fingerprinting-Of-HTTP2-Clients-wp.pdf
24
+ */
25
+ export const H2_SIGNATURES = [
26
+ {
27
+ server: "Nginx",
28
+ settings: {
29
+ headerTableSize: 4096,
30
+ enablePush: 0,
31
+ maxConcurrentStreams: 128,
32
+ initialWindowSize: 65535,
33
+ maxFrameSize: 16384,
34
+ maxHeaderListSize: 16384,
35
+ },
36
+ goawayTimeout: 60,
37
+ },
38
+ {
39
+ server: "Nginx (tuned)",
40
+ settings: {
41
+ headerTableSize: 4096,
42
+ enablePush: 0,
43
+ maxConcurrentStreams: 256,
44
+ initialWindowSize: 65535,
45
+ maxFrameSize: 16384,
46
+ maxHeaderListSize: 32768,
47
+ },
48
+ goawayTimeout: 60,
49
+ },
50
+ {
51
+ server: "Apache httpd (mod_http2)",
52
+ settings: {
53
+ headerTableSize: 8192,
54
+ enablePush: 1,
55
+ maxConcurrentStreams: 100,
56
+ initialWindowSize: 65535,
57
+ maxFrameSize: 16384,
58
+ maxHeaderListSize: 25600,
59
+ },
60
+ goawayTimeout: 0,
61
+ goawayDebugData: "",
62
+ },
63
+ {
64
+ server: "Envoy Proxy",
65
+ settings: {
66
+ headerTableSize: 4096,
67
+ enablePush: 0,
68
+ maxConcurrentStreams: 2147483647,
69
+ initialWindowSize: 268435456,
70
+ maxFrameSize: 16384,
71
+ maxHeaderListSize: 60000,
72
+ },
73
+ goawayTimeout: 300,
74
+ goawayDebugData: "",
75
+ },
76
+ {
77
+ server: "Cloudflare",
78
+ settings: {
79
+ headerTableSize: 65536,
80
+ enablePush: 0,
81
+ maxConcurrentStreams: 256,
82
+ initialWindowSize: 65536,
83
+ maxFrameSize: 16384,
84
+ maxHeaderListSize: 16384,
85
+ },
86
+ goawayTimeout: 900,
87
+ },
88
+ {
89
+ server: "AWS Application Load Balancer",
90
+ settings: {
91
+ headerTableSize: 4096,
92
+ enablePush: 0,
93
+ maxConcurrentStreams: 128,
94
+ initialWindowSize: 65535,
95
+ maxFrameSize: 16384,
96
+ maxHeaderListSize: 131072,
97
+ },
98
+ goawayTimeout: 60,
99
+ },
100
+ {
101
+ server: "Caddy",
102
+ settings: {
103
+ headerTableSize: 4096,
104
+ enablePush: 0,
105
+ maxConcurrentStreams: 250,
106
+ initialWindowSize: 1048576,
107
+ maxFrameSize: 16384,
108
+ maxHeaderListSize: 8192,
109
+ },
110
+ goawayTimeout: 0,
111
+ },
112
+ {
113
+ server: "LiteSpeed",
114
+ settings: {
115
+ headerTableSize: 65536,
116
+ enablePush: 1,
117
+ maxConcurrentStreams: 100,
118
+ initialWindowSize: 65535,
119
+ maxFrameSize: 16384,
120
+ maxHeaderListSize: 65536,
121
+ },
122
+ goawayTimeout: 300,
123
+ },
124
+ {
125
+ server: "Node.js (http2 module)",
126
+ settings: {
127
+ headerTableSize: 4096,
128
+ enablePush: 1,
129
+ maxConcurrentStreams: 4294967295,
130
+ initialWindowSize: 65535,
131
+ maxFrameSize: 16384,
132
+ },
133
+ goawayTimeout: 120,
134
+ goawayDebugData: "",
135
+ },
136
+ {
137
+ server: "Go net/http2",
138
+ settings: {
139
+ headerTableSize: 4096,
140
+ enablePush: 0,
141
+ maxConcurrentStreams: 250,
142
+ initialWindowSize: 1048576,
143
+ maxFrameSize: 16384,
144
+ maxHeaderListSize: 10485760,
145
+ },
146
+ goawayTimeout: 0,
147
+ goawayDebugData: "graceful_stop",
148
+ },
149
+ {
150
+ server: "Microsoft IIS / Kestrel",
151
+ settings: {
152
+ headerTableSize: 4096,
153
+ enablePush: 1,
154
+ maxConcurrentStreams: 100,
155
+ initialWindowSize: 65535,
156
+ maxFrameSize: 16384,
157
+ maxHeaderListSize: 32768,
158
+ },
159
+ goawayTimeout: 120,
160
+ },
161
+ {
162
+ server: "Akamai Ghost",
163
+ settings: {
164
+ headerTableSize: 4096,
165
+ enablePush: 0,
166
+ maxConcurrentStreams: 100,
167
+ initialWindowSize: 65535,
168
+ maxFrameSize: 16384,
169
+ maxHeaderListSize: 32768,
170
+ },
171
+ goawayTimeout: 120,
172
+ },
173
+ {
174
+ server: "Fastly (H2O / Varnish)",
175
+ settings: {
176
+ headerTableSize: 4096,
177
+ enablePush: 0,
178
+ maxConcurrentStreams: 100,
179
+ initialWindowSize: 262144,
180
+ maxFrameSize: 16384,
181
+ maxHeaderListSize: 65536,
182
+ },
183
+ goawayTimeout: 60,
184
+ },
185
+ {
186
+ server: "Traefik",
187
+ settings: {
188
+ headerTableSize: 4096,
189
+ enablePush: 0,
190
+ maxConcurrentStreams: 250,
191
+ initialWindowSize: 1048576,
192
+ maxFrameSize: 16384,
193
+ maxHeaderListSize: 10485760,
194
+ },
195
+ goawayTimeout: 0,
196
+ goawayDebugData: "graceful_stop",
197
+ },
198
+ {
199
+ server: "gRPC (Go)",
200
+ settings: {
201
+ headerTableSize: 4096,
202
+ enablePush: 0,
203
+ maxConcurrentStreams: 4294967295,
204
+ initialWindowSize: 65535,
205
+ maxFrameSize: 16384,
206
+ },
207
+ goawayTimeout: 0,
208
+ goawayDebugData: "max_age",
209
+ },
210
+ ];
211
+ //# sourceMappingURL=h2-signatures.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"h2-signatures.js","sourceRoot":"","sources":["../../src/data/h2-signatures.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AA2BH,MAAM,CAAC,MAAM,aAAa,GAAkB;IAC1C;QACE,MAAM,EAAE,OAAO;QACf,QAAQ,EAAE;YACR,eAAe,EAAE,IAAI;YACrB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,GAAG;YACzB,iBAAiB,EAAE,KAAK;YACxB,YAAY,EAAE,KAAK;YACnB,iBAAiB,EAAE,KAAK;SACzB;QACD,aAAa,EAAE,EAAE;KAClB;IACD;QACE,MAAM,EAAE,eAAe;QACvB,QAAQ,EAAE;YACR,eAAe,EAAE,IAAI;YACrB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,GAAG;YACzB,iBAAiB,EAAE,KAAK;YACxB,YAAY,EAAE,KAAK;YACnB,iBAAiB,EAAE,KAAK;SACzB;QACD,aAAa,EAAE,EAAE;KAClB;IACD;QACE,MAAM,EAAE,0BAA0B;QAClC,QAAQ,EAAE;YACR,eAAe,EAAE,IAAI;YACrB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,GAAG;YACzB,iBAAiB,EAAE,KAAK;YACxB,YAAY,EAAE,KAAK;YACnB,iBAAiB,EAAE,KAAK;SACzB;QACD,aAAa,EAAE,CAAC;QAChB,eAAe,EAAE,EAAE;KACpB;IACD;QACE,MAAM,EAAE,aAAa;QACrB,QAAQ,EAAE;YACR,eAAe,EAAE,IAAI;YACrB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,UAAU;YAChC,iBAAiB,EAAE,SAAS;YAC5B,YAAY,EAAE,KAAK;YACnB,iBAAiB,EAAE,KAAK;SACzB;QACD,aAAa,EAAE,GAAG;QAClB,eAAe,EAAE,EAAE;KACpB;IACD;QACE,MAAM,EAAE,YAAY;QACpB,QAAQ,EAAE;YACR,eAAe,EAAE,KAAK;YACtB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,GAAG;YACzB,iBAAiB,EAAE,KAAK;YACxB,YAAY,EAAE,KAAK;YACnB,iBAAiB,EAAE,KAAK;SACzB;QACD,aAAa,EAAE,GAAG;KACnB;IACD;QACE,MAAM,EAAE,+BAA+B;QACvC,QAAQ,EAAE;YACR,eAAe,EAAE,IAAI;YACrB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,GAAG;YACzB,iBAAiB,EAAE,KAAK;YACxB,YAAY,EAAE,KAAK;YACnB,iBAAiB,EAAE,MAAM;SAC1B;QACD,aAAa,EAAE,EAAE;KAClB;IACD;QACE,MAAM,EAAE,OAAO;QACf,QAAQ,EAAE;YACR,eAAe,EAAE,IAAI;YACrB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,GAAG;YACzB,iBAAiB,EAAE,OAAO;YAC1B,YAAY,EAAE,KAAK;YACnB,iBAAiB,EAAE,IAAI;SACxB;QACD,aAAa,EAAE,CAAC;KACjB;IACD;QACE,MAAM,EAAE,WAAW;QACnB,QAAQ,EAAE;YACR,eAAe,EAAE,KAAK;YACtB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,GAAG;YACzB,iBAAiB,EAAE,KAAK;YACxB,YAAY,EAAE,KAAK;YACnB,iBAAiB,EAAE,KAAK;SACzB;QACD,aAAa,EAAE,GAAG;KACnB;IACD;QACE,MAAM,EAAE,wBAAwB;QAChC,QAAQ,EAAE;YACR,eAAe,EAAE,IAAI;YACrB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,UAAU;YAChC,iBAAiB,EAAE,KAAK;YACxB,YAAY,EAAE,KAAK;SACpB;QACD,aAAa,EAAE,GAAG;QAClB,eAAe,EAAE,EAAE;KACpB;IACD;QACE,MAAM,EAAE,cAAc;QACtB,QAAQ,EAAE;YACR,eAAe,EAAE,IAAI;YACrB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,GAAG;YACzB,iBAAiB,EAAE,OAAO;YAC1B,YAAY,EAAE,KAAK;YACnB,iBAAiB,EAAE,QAAQ;SAC5B;QACD,aAAa,EAAE,CAAC;QAChB,eAAe,EAAE,eAAe;KACjC;IACD;QACE,MAAM,EAAE,yBAAyB;QACjC,QAAQ,EAAE;YACR,eAAe,EAAE,IAAI;YACrB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,GAAG;YACzB,iBAAiB,EAAE,KAAK;YACxB,YAAY,EAAE,KAAK;YACnB,iBAAiB,EAAE,KAAK;SACzB;QACD,aAAa,EAAE,GAAG;KACnB;IACD;QACE,MAAM,EAAE,cAAc;QACtB,QAAQ,EAAE;YACR,eAAe,EAAE,IAAI;YACrB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,GAAG;YACzB,iBAAiB,EAAE,KAAK;YACxB,YAAY,EAAE,KAAK;YACnB,iBAAiB,EAAE,KAAK;SACzB;QACD,aAAa,EAAE,GAAG;KACnB;IACD;QACE,MAAM,EAAE,wBAAwB;QAChC,QAAQ,EAAE;YACR,eAAe,EAAE,IAAI;YACrB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,GAAG;YACzB,iBAAiB,EAAE,MAAM;YACzB,YAAY,EAAE,KAAK;YACnB,iBAAiB,EAAE,KAAK;SACzB;QACD,aAAa,EAAE,EAAE;KAClB;IACD;QACE,MAAM,EAAE,SAAS;QACjB,QAAQ,EAAE;YACR,eAAe,EAAE,IAAI;YACrB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,GAAG;YACzB,iBAAiB,EAAE,OAAO;YAC1B,YAAY,EAAE,KAAK;YACnB,iBAAiB,EAAE,QAAQ;SAC5B;QACD,aAAa,EAAE,CAAC;QAChB,eAAe,EAAE,eAAe;KACjC;IACD;QACE,MAAM,EAAE,WAAW;QACnB,QAAQ,EAAE;YACR,eAAe,EAAE,IAAI;YACrB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,UAAU;YAChC,iBAAiB,EAAE,KAAK;YACxB,YAAY,EAAE,KAAK;SACpB;QACD,aAAa,EAAE,CAAC;QAChB,eAAe,EAAE,SAAS;KAC3B;CACF,CAAC"}
@@ -0,0 +1,38 @@
1
+ /**
2
+ * HTTP response header ordering signatures for server identification.
3
+ *
4
+ * Different HTTP server implementations emit response headers in a characteristic
5
+ * order that is determined by the source code, not by any standard. By recording the
6
+ * order of canonical header names in a response and comparing against known signatures
7
+ * we can passively fingerprint the server software -- even when the Server header is
8
+ * stripped or spoofed.
9
+ *
10
+ * The hash is computed by joining the lowercased header names with commas and taking
11
+ * a simple FNV-1a 32-bit hash of the resulting string.
12
+ *
13
+ * References:
14
+ * - https://httprobe.org
15
+ * - Nmap HTTP fingerprinting engine
16
+ */
17
+ /** A known header-order signature entry. */
18
+ export interface HeaderOrderSignature {
19
+ /** The server software name */
20
+ server: string;
21
+ /** Canonical header names in the order they appear in a typical response */
22
+ order: string[];
23
+ /** Precomputed SHA-256-based short hash of the joined header order for quick matching */
24
+ hash: string;
25
+ }
26
+ /**
27
+ * Compute a deterministic hash from an array of header names.
28
+ *
29
+ * The function lowercases every header name, joins them with commas, and returns
30
+ * the first 16 hex characters of the SHA-256 digest. This gives 64 bits of entropy
31
+ * which is sufficient for matching against a small dictionary.
32
+ *
33
+ * @param headers - Array of header names in observed order
34
+ * @returns 16-character hex hash string
35
+ */
36
+ export declare function computeHeaderOrderHash(headers: string[]): string;
37
+ export declare const HEADER_ORDER_SIGNATURES: HeaderOrderSignature[];
38
+ //# sourceMappingURL=header-order.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"header-order.d.ts","sourceRoot":"","sources":["../../src/data/header-order.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAIH,4CAA4C;AAC5C,MAAM,WAAW,oBAAoB;IACnC,+BAA+B;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf,4EAA4E;IAC5E,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,yFAAyF;IACzF,IAAI,EAAE,MAAM,CAAC;CACd;AAED;;;;;;;;;GASG;AACH,wBAAgB,sBAAsB,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,MAAM,CAIhE;AAED,eAAO,MAAM,uBAAuB,EAAE,oBAAoB,EAuJzD,CAAC"}