fingerprint-mcp 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +663 -0
- package/README.ar.md +767 -0
- package/README.bn.md +767 -0
- package/README.bs.md +767 -0
- package/README.da.md +767 -0
- package/README.de.md +770 -0
- package/README.el.md +767 -0
- package/README.es.md +769 -0
- package/README.fr.md +769 -0
- package/README.hi.md +767 -0
- package/README.it.md +767 -0
- package/README.ja.md +767 -0
- package/README.ko.md +772 -0
- package/README.md +767 -0
- package/README.no.md +767 -0
- package/README.pl.md +767 -0
- package/README.pt-BR.md +767 -0
- package/README.ru.md +767 -0
- package/README.th.md +767 -0
- package/README.tr.md +767 -0
- package/README.uk.md +767 -0
- package/README.vi.md +767 -0
- package/README.zh-TW.md +768 -0
- package/README.zh.md +768 -0
- package/dist/app/index.d.ts +3 -0
- package/dist/app/index.d.ts.map +1 -0
- package/dist/app/index.js +614 -0
- package/dist/app/index.js.map +1 -0
- package/dist/composite/analyze.d.ts +3 -0
- package/dist/composite/analyze.d.ts.map +1 -0
- package/dist/composite/analyze.js +59 -0
- package/dist/composite/analyze.js.map +1 -0
- package/dist/composite/correlate.d.ts +3 -0
- package/dist/composite/correlate.d.ts.map +1 -0
- package/dist/composite/correlate.js +184 -0
- package/dist/composite/correlate.js.map +1 -0
- package/dist/composite/enumerate.d.ts +3 -0
- package/dist/composite/enumerate.d.ts.map +1 -0
- package/dist/composite/enumerate.js +94 -0
- package/dist/composite/enumerate.js.map +1 -0
- package/dist/composite/helpers.d.ts +22 -0
- package/dist/composite/helpers.d.ts.map +1 -0
- package/dist/composite/helpers.js +111 -0
- package/dist/composite/helpers.js.map +1 -0
- package/dist/composite/index.d.ts +3 -0
- package/dist/composite/index.d.ts.map +1 -0
- package/dist/composite/index.js +29 -0
- package/dist/composite/index.js.map +1 -0
- package/dist/composite/meta.d.ts +3 -0
- package/dist/composite/meta.d.ts.map +1 -0
- package/dist/composite/meta.js +23 -0
- package/dist/composite/meta.js.map +1 -0
- package/dist/composite/osint.d.ts +3 -0
- package/dist/composite/osint.d.ts.map +1 -0
- package/dist/composite/osint.js +40 -0
- package/dist/composite/osint.js.map +1 -0
- package/dist/composite/recon.d.ts +3 -0
- package/dist/composite/recon.d.ts.map +1 -0
- package/dist/composite/recon.js +131 -0
- package/dist/composite/recon.js.map +1 -0
- package/dist/composite/scan-dns.d.ts +3 -0
- package/dist/composite/scan-dns.d.ts.map +1 -0
- package/dist/composite/scan-dns.js +44 -0
- package/dist/composite/scan-dns.js.map +1 -0
- package/dist/composite/scan-http.d.ts +3 -0
- package/dist/composite/scan-http.d.ts.map +1 -0
- package/dist/composite/scan-http.js +68 -0
- package/dist/composite/scan-http.js.map +1 -0
- package/dist/composite/scan-paths.d.ts +3 -0
- package/dist/composite/scan-paths.d.ts.map +1 -0
- package/dist/composite/scan-paths.js +32 -0
- package/dist/composite/scan-paths.js.map +1 -0
- package/dist/composite/scan-ports.d.ts +3 -0
- package/dist/composite/scan-ports.d.ts.map +1 -0
- package/dist/composite/scan-ports.js +79 -0
- package/dist/composite/scan-ports.js.map +1 -0
- package/dist/composite/scan-services.d.ts +3 -0
- package/dist/composite/scan-services.d.ts.map +1 -0
- package/dist/composite/scan-services.js +111 -0
- package/dist/composite/scan-services.js.map +1 -0
- package/dist/composite/scan-tls.d.ts +3 -0
- package/dist/composite/scan-tls.d.ts.map +1 -0
- package/dist/composite/scan-tls.js +32 -0
- package/dist/composite/scan-tls.js.map +1 -0
- package/dist/composite/scan-waf.d.ts +3 -0
- package/dist/composite/scan-waf.d.ts.map +1 -0
- package/dist/composite/scan-waf.js +35 -0
- package/dist/composite/scan-waf.js.map +1 -0
- package/dist/correlation/index.d.ts +3 -0
- package/dist/correlation/index.d.ts.map +1 -0
- package/dist/correlation/index.js +1044 -0
- package/dist/correlation/index.js.map +1 -0
- package/dist/data/analytics-patterns.d.ts +21 -0
- package/dist/data/analytics-patterns.d.ts.map +1 -0
- package/dist/data/analytics-patterns.js +449 -0
- package/dist/data/analytics-patterns.js.map +1 -0
- package/dist/data/app-signatures.d.ts +52 -0
- package/dist/data/app-signatures.d.ts.map +1 -0
- package/dist/data/app-signatures.js +1143 -0
- package/dist/data/app-signatures.js.map +1 -0
- package/dist/data/c2-signatures.d.ts +54 -0
- package/dist/data/c2-signatures.d.ts.map +1 -0
- package/dist/data/c2-signatures.js +256 -0
- package/dist/data/c2-signatures.js.map +1 -0
- package/dist/data/cloud-ranges.d.ts +34 -0
- package/dist/data/cloud-ranges.d.ts.map +1 -0
- package/dist/data/cloud-ranges.js +628 -0
- package/dist/data/cloud-ranges.js.map +1 -0
- package/dist/data/cookie-patterns.d.ts +28 -0
- package/dist/data/cookie-patterns.d.ts.map +1 -0
- package/dist/data/cookie-patterns.js +225 -0
- package/dist/data/cookie-patterns.js.map +1 -0
- package/dist/data/error-signatures.d.ts +19 -0
- package/dist/data/error-signatures.d.ts.map +1 -0
- package/dist/data/error-signatures.js +321 -0
- package/dist/data/error-signatures.js.map +1 -0
- package/dist/data/favicon-hashes.d.ts +25 -0
- package/dist/data/favicon-hashes.d.ts.map +1 -0
- package/dist/data/favicon-hashes.js +249 -0
- package/dist/data/favicon-hashes.js.map +1 -0
- package/dist/data/h2-signatures.d.ts +50 -0
- package/dist/data/h2-signatures.d.ts.map +1 -0
- package/dist/data/h2-signatures.js +211 -0
- package/dist/data/h2-signatures.js.map +1 -0
- package/dist/data/header-order.d.ts +38 -0
- package/dist/data/header-order.d.ts.map +1 -0
- package/dist/data/header-order.js +185 -0
- package/dist/data/header-order.js.map +1 -0
- package/dist/data/jarm-signatures.d.ts +25 -0
- package/dist/data/jarm-signatures.d.ts.map +1 -0
- package/dist/data/jarm-signatures.js +213 -0
- package/dist/data/jarm-signatures.js.map +1 -0
- package/dist/data/saas-patterns.d.ts +23 -0
- package/dist/data/saas-patterns.d.ts.map +1 -0
- package/dist/data/saas-patterns.js +139 -0
- package/dist/data/saas-patterns.js.map +1 -0
- package/dist/data/sensitive-paths.d.ts +12 -0
- package/dist/data/sensitive-paths.d.ts.map +1 -0
- package/dist/data/sensitive-paths.js +1539 -0
- package/dist/data/sensitive-paths.js.map +1 -0
- package/dist/data/service-banners.d.ts +59 -0
- package/dist/data/service-banners.d.ts.map +1 -0
- package/dist/data/service-banners.js +323 -0
- package/dist/data/service-banners.js.map +1 -0
- package/dist/data/smtp-signatures.d.ts +12 -0
- package/dist/data/smtp-signatures.d.ts.map +1 -0
- package/dist/data/smtp-signatures.js +350 -0
- package/dist/data/smtp-signatures.js.map +1 -0
- package/dist/data/takeover-patterns.d.ts +37 -0
- package/dist/data/takeover-patterns.d.ts.map +1 -0
- package/dist/data/takeover-patterns.js +249 -0
- package/dist/data/takeover-patterns.js.map +1 -0
- package/dist/data/tech-patterns.d.ts +44 -0
- package/dist/data/tech-patterns.d.ts.map +1 -0
- package/dist/data/tech-patterns.js +690 -0
- package/dist/data/tech-patterns.js.map +1 -0
- package/dist/data/waf-signatures.d.ts +21 -0
- package/dist/data/waf-signatures.d.ts.map +1 -0
- package/dist/data/waf-signatures.js +318 -0
- package/dist/data/waf-signatures.js.map +1 -0
- package/dist/dns/index.d.ts +3 -0
- package/dist/dns/index.d.ts.map +1 -0
- package/dist/dns/index.js +1067 -0
- package/dist/dns/index.js.map +1 -0
- package/dist/enum/index.d.ts +3 -0
- package/dist/enum/index.d.ts.map +1 -0
- package/dist/enum/index.js +818 -0
- package/dist/enum/index.js.map +1 -0
- package/dist/h2/index.d.ts +3 -0
- package/dist/h2/index.d.ts.map +1 -0
- package/dist/h2/index.js +414 -0
- package/dist/h2/index.js.map +1 -0
- package/dist/http/index.d.ts +3 -0
- package/dist/http/index.d.ts.map +1 -0
- package/dist/http/index.js +2444 -0
- package/dist/http/index.js.map +1 -0
- package/dist/identify/index.d.ts +3 -0
- package/dist/identify/index.d.ts.map +1 -0
- package/dist/identify/index.js +447 -0
- package/dist/identify/index.js.map +1 -0
- package/dist/index.d.ts +3 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +165 -0
- package/dist/index.js.map +1 -0
- package/dist/infra/index.d.ts +3 -0
- package/dist/infra/index.d.ts.map +1 -0
- package/dist/infra/index.js +989 -0
- package/dist/infra/index.js.map +1 -0
- package/dist/iot/index.d.ts +3 -0
- package/dist/iot/index.d.ts.map +1 -0
- package/dist/iot/index.js +610 -0
- package/dist/iot/index.js.map +1 -0
- package/dist/meta/index.d.ts +3 -0
- package/dist/meta/index.d.ts.map +1 -0
- package/dist/meta/index.js +442 -0
- package/dist/meta/index.js.map +1 -0
- package/dist/osint/index.d.ts +3 -0
- package/dist/osint/index.d.ts.map +1 -0
- package/dist/osint/index.js +687 -0
- package/dist/osint/index.js.map +1 -0
- package/dist/passive/index.d.ts +3 -0
- package/dist/passive/index.d.ts.map +1 -0
- package/dist/passive/index.js +944 -0
- package/dist/passive/index.js.map +1 -0
- package/dist/path/index.d.ts +3 -0
- package/dist/path/index.d.ts.map +1 -0
- package/dist/path/index.js +878 -0
- package/dist/path/index.js.map +1 -0
- package/dist/protocol/mcp-server.d.ts +4 -0
- package/dist/protocol/mcp-server.d.ts.map +1 -0
- package/dist/protocol/mcp-server.js +32 -0
- package/dist/protocol/mcp-server.js.map +1 -0
- package/dist/protocol/tools.d.ts +3 -0
- package/dist/protocol/tools.d.ts.map +1 -0
- package/dist/protocol/tools.js +5 -0
- package/dist/protocol/tools.js.map +1 -0
- package/dist/service/index.d.ts +3 -0
- package/dist/service/index.d.ts.map +1 -0
- package/dist/service/index.js +1053 -0
- package/dist/service/index.js.map +1 -0
- package/dist/smtp/index.d.ts +3 -0
- package/dist/smtp/index.d.ts.map +1 -0
- package/dist/smtp/index.js +437 -0
- package/dist/smtp/index.js.map +1 -0
- package/dist/ssh/index.d.ts +3 -0
- package/dist/ssh/index.d.ts.map +1 -0
- package/dist/ssh/index.js +676 -0
- package/dist/ssh/index.js.map +1 -0
- package/dist/tcp/index.d.ts +3 -0
- package/dist/tcp/index.d.ts.map +1 -0
- package/dist/tcp/index.js +369 -0
- package/dist/tcp/index.js.map +1 -0
- package/dist/timing/index.d.ts +3 -0
- package/dist/timing/index.d.ts.map +1 -0
- package/dist/timing/index.js +425 -0
- package/dist/timing/index.js.map +1 -0
- package/dist/tls/index.d.ts +3 -0
- package/dist/tls/index.d.ts.map +1 -0
- package/dist/tls/index.js +1332 -0
- package/dist/tls/index.js.map +1 -0
- package/dist/types/index.d.ts +26 -0
- package/dist/types/index.d.ts.map +1 -0
- package/dist/types/index.js +8 -0
- package/dist/types/index.js.map +1 -0
- package/dist/utils/cache.d.ts +11 -0
- package/dist/utils/cache.d.ts.map +1 -0
- package/dist/utils/cache.js +35 -0
- package/dist/utils/cache.js.map +1 -0
- package/dist/utils/murmurhash3.d.ts +3 -0
- package/dist/utils/murmurhash3.d.ts.map +1 -0
- package/dist/utils/murmurhash3.js +57 -0
- package/dist/utils/murmurhash3.js.map +1 -0
- package/dist/utils/rate-limiter.d.ts +10 -0
- package/dist/utils/rate-limiter.d.ts.map +1 -0
- package/dist/utils/rate-limiter.js +35 -0
- package/dist/utils/rate-limiter.js.map +1 -0
- package/dist/utils/require-key.d.ts +2 -0
- package/dist/utils/require-key.d.ts.map +1 -0
- package/dist/utils/require-key.js +8 -0
- package/dist/utils/require-key.js.map +1 -0
- package/dist/waf/index.d.ts +3 -0
- package/dist/waf/index.d.ts.map +1 -0
- package/dist/waf/index.js +767 -0
- package/dist/waf/index.js.map +1 -0
- package/dist/web/index.d.ts +3 -0
- package/dist/web/index.d.ts.map +1 -0
- package/dist/web/index.js +1366 -0
- package/dist/web/index.js.map +1 -0
- package/package.json +66 -0
|
@@ -0,0 +1,249 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Favicon MurmurHash3 database for application fingerprinting.
|
|
3
|
+
*
|
|
4
|
+
* Shodan computes a signed 32-bit MurmurHash3 of the raw favicon bytes (after
|
|
5
|
+
* base64-encoding and joining lines with \n). The resulting hash is deterministic
|
|
6
|
+
* for a given favicon file. Many applications ship a default favicon that never
|
|
7
|
+
* changes across installations, making the hash a reliable fingerprint.
|
|
8
|
+
*
|
|
9
|
+
* Usage in Shodan: http.favicon.hash:<hash>
|
|
10
|
+
*
|
|
11
|
+
* References:
|
|
12
|
+
* - https://www.shodan.io/search/facet?query=http.favicon.hash
|
|
13
|
+
* - https://github.com/Viralmaniar/Favicon-Hash-For-Shodan
|
|
14
|
+
*/
|
|
15
|
+
export const FAVICON_HASHES = [
|
|
16
|
+
// ──────────────────────────────────────────────────
|
|
17
|
+
// CI/CD & DevOps
|
|
18
|
+
// ──────────────────────────────────────────────────
|
|
19
|
+
{
|
|
20
|
+
hash: -586023785,
|
|
21
|
+
name: "Jenkins",
|
|
22
|
+
category: "ci-cd",
|
|
23
|
+
},
|
|
24
|
+
{
|
|
25
|
+
hash: 81586312,
|
|
26
|
+
name: "Jenkins (blue ocean)",
|
|
27
|
+
category: "ci-cd",
|
|
28
|
+
},
|
|
29
|
+
{
|
|
30
|
+
hash: -1293290337,
|
|
31
|
+
name: "GitLab CE/EE",
|
|
32
|
+
category: "ci-cd",
|
|
33
|
+
},
|
|
34
|
+
{
|
|
35
|
+
hash: -1231872293,
|
|
36
|
+
name: "Argo CD",
|
|
37
|
+
category: "ci-cd",
|
|
38
|
+
},
|
|
39
|
+
{
|
|
40
|
+
hash: 1485257654,
|
|
41
|
+
name: "Sonatype Nexus Repository",
|
|
42
|
+
category: "ci-cd",
|
|
43
|
+
},
|
|
44
|
+
{
|
|
45
|
+
hash: -473653720,
|
|
46
|
+
name: "JFrog Artifactory",
|
|
47
|
+
category: "ci-cd",
|
|
48
|
+
},
|
|
49
|
+
{
|
|
50
|
+
hash: 1917443752,
|
|
51
|
+
name: "SonarQube",
|
|
52
|
+
category: "ci-cd",
|
|
53
|
+
},
|
|
54
|
+
{
|
|
55
|
+
hash: 595148549,
|
|
56
|
+
name: "Harbor Registry",
|
|
57
|
+
category: "ci-cd",
|
|
58
|
+
},
|
|
59
|
+
// ──────────────────────────────────────────────────
|
|
60
|
+
// Monitoring & Observability
|
|
61
|
+
// ──────────────────────────────────────────────────
|
|
62
|
+
{
|
|
63
|
+
hash: -1399433489,
|
|
64
|
+
name: "Grafana",
|
|
65
|
+
category: "monitoring",
|
|
66
|
+
},
|
|
67
|
+
{
|
|
68
|
+
hash: -1811827550,
|
|
69
|
+
name: "Kibana",
|
|
70
|
+
category: "monitoring",
|
|
71
|
+
},
|
|
72
|
+
{
|
|
73
|
+
hash: 1571196100,
|
|
74
|
+
name: "Prometheus",
|
|
75
|
+
category: "monitoring",
|
|
76
|
+
},
|
|
77
|
+
{
|
|
78
|
+
hash: -580765191,
|
|
79
|
+
name: "Graylog",
|
|
80
|
+
category: "monitoring",
|
|
81
|
+
},
|
|
82
|
+
{
|
|
83
|
+
hash: 999357577,
|
|
84
|
+
name: "Zabbix",
|
|
85
|
+
category: "monitoring",
|
|
86
|
+
},
|
|
87
|
+
{
|
|
88
|
+
hash: -412708573,
|
|
89
|
+
name: "Nagios",
|
|
90
|
+
category: "monitoring",
|
|
91
|
+
},
|
|
92
|
+
{
|
|
93
|
+
hash: -54810069,
|
|
94
|
+
name: "Cacti",
|
|
95
|
+
category: "monitoring",
|
|
96
|
+
},
|
|
97
|
+
// ──────────────────────────────────────────────────
|
|
98
|
+
// Firewalls & Network Security
|
|
99
|
+
// ──────────────────────────────────────────────────
|
|
100
|
+
{
|
|
101
|
+
hash: 945408572,
|
|
102
|
+
name: "FortiGate (Fortinet)",
|
|
103
|
+
category: "firewall",
|
|
104
|
+
},
|
|
105
|
+
{
|
|
106
|
+
hash: -305179312,
|
|
107
|
+
name: "pfSense",
|
|
108
|
+
category: "firewall",
|
|
109
|
+
},
|
|
110
|
+
{
|
|
111
|
+
hash: 1485478972,
|
|
112
|
+
name: "OPNsense",
|
|
113
|
+
category: "firewall",
|
|
114
|
+
},
|
|
115
|
+
{
|
|
116
|
+
hash: 362091310,
|
|
117
|
+
name: "Citrix NetScaler / ADC",
|
|
118
|
+
category: "firewall",
|
|
119
|
+
},
|
|
120
|
+
// ──────────────────────────────────────────────────
|
|
121
|
+
// Network Equipment & Infrastructure
|
|
122
|
+
// ──────────────────────────────────────────────────
|
|
123
|
+
{
|
|
124
|
+
hash: -1011037059,
|
|
125
|
+
name: "Ubiquiti UniFi Controller",
|
|
126
|
+
category: "network",
|
|
127
|
+
},
|
|
128
|
+
{
|
|
129
|
+
hash: 1898498554,
|
|
130
|
+
name: "MikroTik RouterOS",
|
|
131
|
+
category: "network",
|
|
132
|
+
},
|
|
133
|
+
{
|
|
134
|
+
hash: -831237885,
|
|
135
|
+
name: "Traefik Dashboard",
|
|
136
|
+
category: "network",
|
|
137
|
+
},
|
|
138
|
+
// ──────────────────────────────────────────────────
|
|
139
|
+
// CMS & Web Applications
|
|
140
|
+
// ──────────────────────────────────────────────────
|
|
141
|
+
{
|
|
142
|
+
hash: -335242539,
|
|
143
|
+
name: "phpMyAdmin",
|
|
144
|
+
category: "cms",
|
|
145
|
+
},
|
|
146
|
+
{
|
|
147
|
+
hash: 116323821,
|
|
148
|
+
name: "Spring Boot (default Leaf favicon)",
|
|
149
|
+
category: "cms",
|
|
150
|
+
},
|
|
151
|
+
{
|
|
152
|
+
hash: 1117779739,
|
|
153
|
+
name: "Apache Tomcat (default)",
|
|
154
|
+
category: "cms",
|
|
155
|
+
},
|
|
156
|
+
{
|
|
157
|
+
hash: -428315662,
|
|
158
|
+
name: "Webmin",
|
|
159
|
+
category: "cms",
|
|
160
|
+
},
|
|
161
|
+
{
|
|
162
|
+
hash: -160464759,
|
|
163
|
+
name: "cPanel",
|
|
164
|
+
category: "cms",
|
|
165
|
+
},
|
|
166
|
+
{
|
|
167
|
+
hash: -2044357687,
|
|
168
|
+
name: "Plesk",
|
|
169
|
+
category: "cms",
|
|
170
|
+
},
|
|
171
|
+
{
|
|
172
|
+
hash: -244487534,
|
|
173
|
+
name: "RabbitMQ Management",
|
|
174
|
+
category: "cms",
|
|
175
|
+
},
|
|
176
|
+
// ──────────────────────────────────────────────────
|
|
177
|
+
// Database & Search
|
|
178
|
+
// ──────────────────────────────────────────────────
|
|
179
|
+
{
|
|
180
|
+
hash: -536764016,
|
|
181
|
+
name: "Elasticsearch",
|
|
182
|
+
category: "database",
|
|
183
|
+
},
|
|
184
|
+
{
|
|
185
|
+
hash: -656811182,
|
|
186
|
+
name: "CouchDB Fauxton",
|
|
187
|
+
category: "database",
|
|
188
|
+
},
|
|
189
|
+
// ──────────────────────────────────────────────────
|
|
190
|
+
// Security & IAM
|
|
191
|
+
// ──────────────────────────────────────────────────
|
|
192
|
+
{
|
|
193
|
+
hash: -1073546895,
|
|
194
|
+
name: "HashiCorp Vault",
|
|
195
|
+
category: "security",
|
|
196
|
+
},
|
|
197
|
+
{
|
|
198
|
+
hash: 113734322,
|
|
199
|
+
name: "HashiCorp Consul",
|
|
200
|
+
category: "security",
|
|
201
|
+
},
|
|
202
|
+
{
|
|
203
|
+
hash: -1166125415,
|
|
204
|
+
name: "Keycloak",
|
|
205
|
+
category: "security",
|
|
206
|
+
},
|
|
207
|
+
// ──────────────────────────────────────────────────
|
|
208
|
+
// Storage & NAS
|
|
209
|
+
// ──────────────────────────────────────────────────
|
|
210
|
+
{
|
|
211
|
+
hash: -822940097,
|
|
212
|
+
name: "MinIO",
|
|
213
|
+
category: "storage",
|
|
214
|
+
},
|
|
215
|
+
{
|
|
216
|
+
hash: -1535817075,
|
|
217
|
+
name: "Synology DSM",
|
|
218
|
+
category: "storage",
|
|
219
|
+
},
|
|
220
|
+
{
|
|
221
|
+
hash: 1262005765,
|
|
222
|
+
name: "QNAP QTS",
|
|
223
|
+
category: "storage",
|
|
224
|
+
},
|
|
225
|
+
// ──────────────────────────────────────────────────
|
|
226
|
+
// Management & Orchestration
|
|
227
|
+
// ──────────────────────────────────────────────────
|
|
228
|
+
{
|
|
229
|
+
hash: -1889921692,
|
|
230
|
+
name: "Atlassian Jira",
|
|
231
|
+
category: "management",
|
|
232
|
+
},
|
|
233
|
+
{
|
|
234
|
+
hash: -305317842,
|
|
235
|
+
name: "Atlassian Confluence",
|
|
236
|
+
category: "management",
|
|
237
|
+
},
|
|
238
|
+
{
|
|
239
|
+
hash: -1950415971,
|
|
240
|
+
name: "Kubernetes Dashboard",
|
|
241
|
+
category: "management",
|
|
242
|
+
},
|
|
243
|
+
{
|
|
244
|
+
hash: 671932091,
|
|
245
|
+
name: "Portainer",
|
|
246
|
+
category: "management",
|
|
247
|
+
},
|
|
248
|
+
];
|
|
249
|
+
//# sourceMappingURL=favicon-hashes.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"favicon-hashes.js","sourceRoot":"","sources":["../../src/data/favicon-hashes.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAsBH,MAAM,CAAC,MAAM,cAAc,GAAkB;IAC3C,qDAAqD;IACrD,iBAAiB;IACjB,qDAAqD;IACrD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,SAAS;QACf,QAAQ,EAAE,OAAO;KAClB;IACD;QACE,IAAI,EAAE,QAAQ;QACd,IAAI,EAAE,sBAAsB;QAC5B,QAAQ,EAAE,OAAO;KAClB;IACD;QACE,IAAI,EAAE,CAAC,UAAU;QACjB,IAAI,EAAE,cAAc;QACpB,QAAQ,EAAE,OAAO;KAClB;IACD;QACE,IAAI,EAAE,CAAC,UAAU;QACjB,IAAI,EAAE,SAAS;QACf,QAAQ,EAAE,OAAO;KAClB;IACD;QACE,IAAI,EAAE,UAAU;QAChB,IAAI,EAAE,2BAA2B;QACjC,QAAQ,EAAE,OAAO;KAClB;IACD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,mBAAmB;QACzB,QAAQ,EAAE,OAAO;KAClB;IACD;QACE,IAAI,EAAE,UAAU;QAChB,IAAI,EAAE,WAAW;QACjB,QAAQ,EAAE,OAAO;KAClB;IACD;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,iBAAiB;QACvB,QAAQ,EAAE,OAAO;KAClB;IAED,qDAAqD;IACrD,6BAA6B;IAC7B,qDAAqD;IACrD;QACE,IAAI,EAAE,CAAC,UAAU;QACjB,IAAI,EAAE,SAAS;QACf,QAAQ,EAAE,YAAY;KACvB;IACD;QACE,IAAI,EAAE,CAAC,UAAU;QACjB,IAAI,EAAE,QAAQ;QACd,QAAQ,EAAE,YAAY;KACvB;IACD;QACE,IAAI,EAAE,UAAU;QAChB,IAAI,EAAE,YAAY;QAClB,QAAQ,EAAE,YAAY;KACvB;IACD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,SAAS;QACf,QAAQ,EAAE,YAAY;KACvB;IACD;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,QAAQ;QACd,QAAQ,EAAE,YAAY;KACvB;IACD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,QAAQ;QACd,QAAQ,EAAE,YAAY;KACvB;IACD;QACE,IAAI,EAAE,CAAC,QAAQ;QACf,IAAI,EAAE,OAAO;QACb,QAAQ,EAAE,YAAY;KACvB;IAED,qDAAqD;IACrD,+BAA+B;IAC/B,qDAAqD;IACrD;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,sBAAsB;QAC5B,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,SAAS;QACf,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,IAAI,EAAE,UAAU;QAChB,IAAI,EAAE,UAAU;QAChB,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,wBAAwB;QAC9B,QAAQ,EAAE,UAAU;KACrB;IAED,qDAAqD;IACrD,qCAAqC;IACrC,qDAAqD;IACrD;QACE,IAAI,EAAE,CAAC,UAAU;QACjB,IAAI,EAAE,2BAA2B;QACjC,QAAQ,EAAE,SAAS;KACpB;IACD;QACE,IAAI,EAAE,UAAU;QAChB,IAAI,EAAE,mBAAmB;QACzB,QAAQ,EAAE,SAAS;KACpB;IACD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,mBAAmB;QACzB,QAAQ,EAAE,SAAS;KACpB;IAED,qDAAqD;IACrD,yBAAyB;IACzB,qDAAqD;IACrD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,YAAY;QAClB,QAAQ,EAAE,KAAK;KAChB;IACD;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,oCAAoC;QAC1C,QAAQ,EAAE,KAAK;KAChB;IACD;QACE,IAAI,EAAE,UAAU;QAChB,IAAI,EAAE,yBAAyB;QAC/B,QAAQ,EAAE,KAAK;KAChB;IACD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,QAAQ;QACd,QAAQ,EAAE,KAAK;KAChB;IACD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,QAAQ;QACd,QAAQ,EAAE,KAAK;KAChB;IACD;QACE,IAAI,EAAE,CAAC,UAAU;QACjB,IAAI,EAAE,OAAO;QACb,QAAQ,EAAE,KAAK;KAChB;IACD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,qBAAqB;QAC3B,QAAQ,EAAE,KAAK;KAChB;IAED,qDAAqD;IACrD,oBAAoB;IACpB,qDAAqD;IACrD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,eAAe;QACrB,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,iBAAiB;QACvB,QAAQ,EAAE,UAAU;KACrB;IAED,qDAAqD;IACrD,iBAAiB;IACjB,qDAAqD;IACrD;QACE,IAAI,EAAE,CAAC,UAAU;QACjB,IAAI,EAAE,iBAAiB;QACvB,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,kBAAkB;QACxB,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,IAAI,EAAE,CAAC,UAAU;QACjB,IAAI,EAAE,UAAU;QAChB,QAAQ,EAAE,UAAU;KACrB;IAED,qDAAqD;IACrD,gBAAgB;IAChB,qDAAqD;IACrD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,OAAO;QACb,QAAQ,EAAE,SAAS;KACpB;IACD;QACE,IAAI,EAAE,CAAC,UAAU;QACjB,IAAI,EAAE,cAAc;QACpB,QAAQ,EAAE,SAAS;KACpB;IACD;QACE,IAAI,EAAE,UAAU;QAChB,IAAI,EAAE,UAAU;QAChB,QAAQ,EAAE,SAAS;KACpB;IAED,qDAAqD;IACrD,6BAA6B;IAC7B,qDAAqD;IACrD;QACE,IAAI,EAAE,CAAC,UAAU;QACjB,IAAI,EAAE,gBAAgB;QACtB,QAAQ,EAAE,YAAY;KACvB;IACD;QACE,IAAI,EAAE,CAAC,SAAS;QAChB,IAAI,EAAE,sBAAsB;QAC5B,QAAQ,EAAE,YAAY;KACvB;IACD;QACE,IAAI,EAAE,CAAC,UAAU;QACjB,IAAI,EAAE,sBAAsB;QAC5B,QAAQ,EAAE,YAAY;KACvB;IACD;QACE,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,WAAW;QACjB,QAAQ,EAAE,YAAY;KACvB;CACF,CAAC"}
|
|
@@ -0,0 +1,50 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* HTTP/2 SETTINGS frame fingerprints for server implementation identification.
|
|
3
|
+
*
|
|
4
|
+
* When an HTTP/2 connection is established, the server sends a SETTINGS frame
|
|
5
|
+
* (RFC 7540 Section 6.5) containing its preferred protocol parameters. Different
|
|
6
|
+
* HTTP/2 implementations choose distinct default values and orderings for these
|
|
7
|
+
* settings, creating a reliable passive fingerprint.
|
|
8
|
+
*
|
|
9
|
+
* Additionally, idle connection GOAWAY behavior (timeout duration and debug data)
|
|
10
|
+
* varies across implementations, providing a secondary identification signal.
|
|
11
|
+
*
|
|
12
|
+
* SETTINGS frame parameters (RFC 7540 Section 6.5.2):
|
|
13
|
+
* - HEADER_TABLE_SIZE (0x1) - HPACK dynamic table size
|
|
14
|
+
* - ENABLE_PUSH (0x2) - Server push enabled (0 or 1)
|
|
15
|
+
* - MAX_CONCURRENT_STREAMS (0x3) - Max simultaneous streams
|
|
16
|
+
* - INITIAL_WINDOW_SIZE (0x4) - Flow-control window size
|
|
17
|
+
* - MAX_FRAME_SIZE (0x5) - Largest frame payload
|
|
18
|
+
* - MAX_HEADER_LIST_SIZE (0x6) - Max header list size
|
|
19
|
+
*
|
|
20
|
+
* References:
|
|
21
|
+
* - RFC 7540 (HTTP/2)
|
|
22
|
+
* - https://github.com/AliasIO/wappalyzer
|
|
23
|
+
* - https://www.blackhat.com/docs/eu-17/materials/eu-17-Shuster-Passive-Fingerprinting-Of-HTTP2-Clients-wp.pdf
|
|
24
|
+
*/
|
|
25
|
+
/** HTTP/2 SETTINGS frame signature for a known server implementation. */
|
|
26
|
+
export interface H2Signature {
|
|
27
|
+
/** Server or implementation name */
|
|
28
|
+
server: string;
|
|
29
|
+
/** Expected SETTINGS frame parameters (undefined means the setting is not sent) */
|
|
30
|
+
settings: {
|
|
31
|
+
/** HPACK header table size in bytes */
|
|
32
|
+
headerTableSize?: number;
|
|
33
|
+
/** Whether server push is enabled (0 = disabled, 1 = enabled) */
|
|
34
|
+
enablePush?: number;
|
|
35
|
+
/** Maximum number of concurrent streams */
|
|
36
|
+
maxConcurrentStreams?: number;
|
|
37
|
+
/** Initial flow-control window size in bytes */
|
|
38
|
+
initialWindowSize?: number;
|
|
39
|
+
/** Maximum frame payload size in bytes */
|
|
40
|
+
maxFrameSize?: number;
|
|
41
|
+
/** Maximum header list size in bytes */
|
|
42
|
+
maxHeaderListSize?: number;
|
|
43
|
+
};
|
|
44
|
+
/** Idle timeout in seconds before the server sends GOAWAY */
|
|
45
|
+
goawayTimeout?: number;
|
|
46
|
+
/** Expected content of the GOAWAY debug data field */
|
|
47
|
+
goawayDebugData?: string;
|
|
48
|
+
}
|
|
49
|
+
export declare const H2_SIGNATURES: H2Signature[];
|
|
50
|
+
//# sourceMappingURL=h2-signatures.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"h2-signatures.d.ts","sourceRoot":"","sources":["../../src/data/h2-signatures.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAEH,yEAAyE;AACzE,MAAM,WAAW,WAAW;IAC1B,oCAAoC;IACpC,MAAM,EAAE,MAAM,CAAC;IACf,mFAAmF;IACnF,QAAQ,EAAE;QACR,uCAAuC;QACvC,eAAe,CAAC,EAAE,MAAM,CAAC;QACzB,iEAAiE;QACjE,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,2CAA2C;QAC3C,oBAAoB,CAAC,EAAE,MAAM,CAAC;QAC9B,gDAAgD;QAChD,iBAAiB,CAAC,EAAE,MAAM,CAAC;QAC3B,0CAA0C;QAC1C,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,wCAAwC;QACxC,iBAAiB,CAAC,EAAE,MAAM,CAAC;KAC5B,CAAC;IACF,6DAA6D;IAC7D,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,sDAAsD;IACtD,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED,eAAO,MAAM,aAAa,EAAE,WAAW,EAyLtC,CAAC"}
|
|
@@ -0,0 +1,211 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* HTTP/2 SETTINGS frame fingerprints for server implementation identification.
|
|
3
|
+
*
|
|
4
|
+
* When an HTTP/2 connection is established, the server sends a SETTINGS frame
|
|
5
|
+
* (RFC 7540 Section 6.5) containing its preferred protocol parameters. Different
|
|
6
|
+
* HTTP/2 implementations choose distinct default values and orderings for these
|
|
7
|
+
* settings, creating a reliable passive fingerprint.
|
|
8
|
+
*
|
|
9
|
+
* Additionally, idle connection GOAWAY behavior (timeout duration and debug data)
|
|
10
|
+
* varies across implementations, providing a secondary identification signal.
|
|
11
|
+
*
|
|
12
|
+
* SETTINGS frame parameters (RFC 7540 Section 6.5.2):
|
|
13
|
+
* - HEADER_TABLE_SIZE (0x1) - HPACK dynamic table size
|
|
14
|
+
* - ENABLE_PUSH (0x2) - Server push enabled (0 or 1)
|
|
15
|
+
* - MAX_CONCURRENT_STREAMS (0x3) - Max simultaneous streams
|
|
16
|
+
* - INITIAL_WINDOW_SIZE (0x4) - Flow-control window size
|
|
17
|
+
* - MAX_FRAME_SIZE (0x5) - Largest frame payload
|
|
18
|
+
* - MAX_HEADER_LIST_SIZE (0x6) - Max header list size
|
|
19
|
+
*
|
|
20
|
+
* References:
|
|
21
|
+
* - RFC 7540 (HTTP/2)
|
|
22
|
+
* - https://github.com/AliasIO/wappalyzer
|
|
23
|
+
* - https://www.blackhat.com/docs/eu-17/materials/eu-17-Shuster-Passive-Fingerprinting-Of-HTTP2-Clients-wp.pdf
|
|
24
|
+
*/
|
|
25
|
+
export const H2_SIGNATURES = [
|
|
26
|
+
{
|
|
27
|
+
server: "Nginx",
|
|
28
|
+
settings: {
|
|
29
|
+
headerTableSize: 4096,
|
|
30
|
+
enablePush: 0,
|
|
31
|
+
maxConcurrentStreams: 128,
|
|
32
|
+
initialWindowSize: 65535,
|
|
33
|
+
maxFrameSize: 16384,
|
|
34
|
+
maxHeaderListSize: 16384,
|
|
35
|
+
},
|
|
36
|
+
goawayTimeout: 60,
|
|
37
|
+
},
|
|
38
|
+
{
|
|
39
|
+
server: "Nginx (tuned)",
|
|
40
|
+
settings: {
|
|
41
|
+
headerTableSize: 4096,
|
|
42
|
+
enablePush: 0,
|
|
43
|
+
maxConcurrentStreams: 256,
|
|
44
|
+
initialWindowSize: 65535,
|
|
45
|
+
maxFrameSize: 16384,
|
|
46
|
+
maxHeaderListSize: 32768,
|
|
47
|
+
},
|
|
48
|
+
goawayTimeout: 60,
|
|
49
|
+
},
|
|
50
|
+
{
|
|
51
|
+
server: "Apache httpd (mod_http2)",
|
|
52
|
+
settings: {
|
|
53
|
+
headerTableSize: 8192,
|
|
54
|
+
enablePush: 1,
|
|
55
|
+
maxConcurrentStreams: 100,
|
|
56
|
+
initialWindowSize: 65535,
|
|
57
|
+
maxFrameSize: 16384,
|
|
58
|
+
maxHeaderListSize: 25600,
|
|
59
|
+
},
|
|
60
|
+
goawayTimeout: 0,
|
|
61
|
+
goawayDebugData: "",
|
|
62
|
+
},
|
|
63
|
+
{
|
|
64
|
+
server: "Envoy Proxy",
|
|
65
|
+
settings: {
|
|
66
|
+
headerTableSize: 4096,
|
|
67
|
+
enablePush: 0,
|
|
68
|
+
maxConcurrentStreams: 2147483647,
|
|
69
|
+
initialWindowSize: 268435456,
|
|
70
|
+
maxFrameSize: 16384,
|
|
71
|
+
maxHeaderListSize: 60000,
|
|
72
|
+
},
|
|
73
|
+
goawayTimeout: 300,
|
|
74
|
+
goawayDebugData: "",
|
|
75
|
+
},
|
|
76
|
+
{
|
|
77
|
+
server: "Cloudflare",
|
|
78
|
+
settings: {
|
|
79
|
+
headerTableSize: 65536,
|
|
80
|
+
enablePush: 0,
|
|
81
|
+
maxConcurrentStreams: 256,
|
|
82
|
+
initialWindowSize: 65536,
|
|
83
|
+
maxFrameSize: 16384,
|
|
84
|
+
maxHeaderListSize: 16384,
|
|
85
|
+
},
|
|
86
|
+
goawayTimeout: 900,
|
|
87
|
+
},
|
|
88
|
+
{
|
|
89
|
+
server: "AWS Application Load Balancer",
|
|
90
|
+
settings: {
|
|
91
|
+
headerTableSize: 4096,
|
|
92
|
+
enablePush: 0,
|
|
93
|
+
maxConcurrentStreams: 128,
|
|
94
|
+
initialWindowSize: 65535,
|
|
95
|
+
maxFrameSize: 16384,
|
|
96
|
+
maxHeaderListSize: 131072,
|
|
97
|
+
},
|
|
98
|
+
goawayTimeout: 60,
|
|
99
|
+
},
|
|
100
|
+
{
|
|
101
|
+
server: "Caddy",
|
|
102
|
+
settings: {
|
|
103
|
+
headerTableSize: 4096,
|
|
104
|
+
enablePush: 0,
|
|
105
|
+
maxConcurrentStreams: 250,
|
|
106
|
+
initialWindowSize: 1048576,
|
|
107
|
+
maxFrameSize: 16384,
|
|
108
|
+
maxHeaderListSize: 8192,
|
|
109
|
+
},
|
|
110
|
+
goawayTimeout: 0,
|
|
111
|
+
},
|
|
112
|
+
{
|
|
113
|
+
server: "LiteSpeed",
|
|
114
|
+
settings: {
|
|
115
|
+
headerTableSize: 65536,
|
|
116
|
+
enablePush: 1,
|
|
117
|
+
maxConcurrentStreams: 100,
|
|
118
|
+
initialWindowSize: 65535,
|
|
119
|
+
maxFrameSize: 16384,
|
|
120
|
+
maxHeaderListSize: 65536,
|
|
121
|
+
},
|
|
122
|
+
goawayTimeout: 300,
|
|
123
|
+
},
|
|
124
|
+
{
|
|
125
|
+
server: "Node.js (http2 module)",
|
|
126
|
+
settings: {
|
|
127
|
+
headerTableSize: 4096,
|
|
128
|
+
enablePush: 1,
|
|
129
|
+
maxConcurrentStreams: 4294967295,
|
|
130
|
+
initialWindowSize: 65535,
|
|
131
|
+
maxFrameSize: 16384,
|
|
132
|
+
},
|
|
133
|
+
goawayTimeout: 120,
|
|
134
|
+
goawayDebugData: "",
|
|
135
|
+
},
|
|
136
|
+
{
|
|
137
|
+
server: "Go net/http2",
|
|
138
|
+
settings: {
|
|
139
|
+
headerTableSize: 4096,
|
|
140
|
+
enablePush: 0,
|
|
141
|
+
maxConcurrentStreams: 250,
|
|
142
|
+
initialWindowSize: 1048576,
|
|
143
|
+
maxFrameSize: 16384,
|
|
144
|
+
maxHeaderListSize: 10485760,
|
|
145
|
+
},
|
|
146
|
+
goawayTimeout: 0,
|
|
147
|
+
goawayDebugData: "graceful_stop",
|
|
148
|
+
},
|
|
149
|
+
{
|
|
150
|
+
server: "Microsoft IIS / Kestrel",
|
|
151
|
+
settings: {
|
|
152
|
+
headerTableSize: 4096,
|
|
153
|
+
enablePush: 1,
|
|
154
|
+
maxConcurrentStreams: 100,
|
|
155
|
+
initialWindowSize: 65535,
|
|
156
|
+
maxFrameSize: 16384,
|
|
157
|
+
maxHeaderListSize: 32768,
|
|
158
|
+
},
|
|
159
|
+
goawayTimeout: 120,
|
|
160
|
+
},
|
|
161
|
+
{
|
|
162
|
+
server: "Akamai Ghost",
|
|
163
|
+
settings: {
|
|
164
|
+
headerTableSize: 4096,
|
|
165
|
+
enablePush: 0,
|
|
166
|
+
maxConcurrentStreams: 100,
|
|
167
|
+
initialWindowSize: 65535,
|
|
168
|
+
maxFrameSize: 16384,
|
|
169
|
+
maxHeaderListSize: 32768,
|
|
170
|
+
},
|
|
171
|
+
goawayTimeout: 120,
|
|
172
|
+
},
|
|
173
|
+
{
|
|
174
|
+
server: "Fastly (H2O / Varnish)",
|
|
175
|
+
settings: {
|
|
176
|
+
headerTableSize: 4096,
|
|
177
|
+
enablePush: 0,
|
|
178
|
+
maxConcurrentStreams: 100,
|
|
179
|
+
initialWindowSize: 262144,
|
|
180
|
+
maxFrameSize: 16384,
|
|
181
|
+
maxHeaderListSize: 65536,
|
|
182
|
+
},
|
|
183
|
+
goawayTimeout: 60,
|
|
184
|
+
},
|
|
185
|
+
{
|
|
186
|
+
server: "Traefik",
|
|
187
|
+
settings: {
|
|
188
|
+
headerTableSize: 4096,
|
|
189
|
+
enablePush: 0,
|
|
190
|
+
maxConcurrentStreams: 250,
|
|
191
|
+
initialWindowSize: 1048576,
|
|
192
|
+
maxFrameSize: 16384,
|
|
193
|
+
maxHeaderListSize: 10485760,
|
|
194
|
+
},
|
|
195
|
+
goawayTimeout: 0,
|
|
196
|
+
goawayDebugData: "graceful_stop",
|
|
197
|
+
},
|
|
198
|
+
{
|
|
199
|
+
server: "gRPC (Go)",
|
|
200
|
+
settings: {
|
|
201
|
+
headerTableSize: 4096,
|
|
202
|
+
enablePush: 0,
|
|
203
|
+
maxConcurrentStreams: 4294967295,
|
|
204
|
+
initialWindowSize: 65535,
|
|
205
|
+
maxFrameSize: 16384,
|
|
206
|
+
},
|
|
207
|
+
goawayTimeout: 0,
|
|
208
|
+
goawayDebugData: "max_age",
|
|
209
|
+
},
|
|
210
|
+
];
|
|
211
|
+
//# sourceMappingURL=h2-signatures.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"h2-signatures.js","sourceRoot":"","sources":["../../src/data/h2-signatures.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AA2BH,MAAM,CAAC,MAAM,aAAa,GAAkB;IAC1C;QACE,MAAM,EAAE,OAAO;QACf,QAAQ,EAAE;YACR,eAAe,EAAE,IAAI;YACrB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,GAAG;YACzB,iBAAiB,EAAE,KAAK;YACxB,YAAY,EAAE,KAAK;YACnB,iBAAiB,EAAE,KAAK;SACzB;QACD,aAAa,EAAE,EAAE;KAClB;IACD;QACE,MAAM,EAAE,eAAe;QACvB,QAAQ,EAAE;YACR,eAAe,EAAE,IAAI;YACrB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,GAAG;YACzB,iBAAiB,EAAE,KAAK;YACxB,YAAY,EAAE,KAAK;YACnB,iBAAiB,EAAE,KAAK;SACzB;QACD,aAAa,EAAE,EAAE;KAClB;IACD;QACE,MAAM,EAAE,0BAA0B;QAClC,QAAQ,EAAE;YACR,eAAe,EAAE,IAAI;YACrB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,GAAG;YACzB,iBAAiB,EAAE,KAAK;YACxB,YAAY,EAAE,KAAK;YACnB,iBAAiB,EAAE,KAAK;SACzB;QACD,aAAa,EAAE,CAAC;QAChB,eAAe,EAAE,EAAE;KACpB;IACD;QACE,MAAM,EAAE,aAAa;QACrB,QAAQ,EAAE;YACR,eAAe,EAAE,IAAI;YACrB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,UAAU;YAChC,iBAAiB,EAAE,SAAS;YAC5B,YAAY,EAAE,KAAK;YACnB,iBAAiB,EAAE,KAAK;SACzB;QACD,aAAa,EAAE,GAAG;QAClB,eAAe,EAAE,EAAE;KACpB;IACD;QACE,MAAM,EAAE,YAAY;QACpB,QAAQ,EAAE;YACR,eAAe,EAAE,KAAK;YACtB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,GAAG;YACzB,iBAAiB,EAAE,KAAK;YACxB,YAAY,EAAE,KAAK;YACnB,iBAAiB,EAAE,KAAK;SACzB;QACD,aAAa,EAAE,GAAG;KACnB;IACD;QACE,MAAM,EAAE,+BAA+B;QACvC,QAAQ,EAAE;YACR,eAAe,EAAE,IAAI;YACrB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,GAAG;YACzB,iBAAiB,EAAE,KAAK;YACxB,YAAY,EAAE,KAAK;YACnB,iBAAiB,EAAE,MAAM;SAC1B;QACD,aAAa,EAAE,EAAE;KAClB;IACD;QACE,MAAM,EAAE,OAAO;QACf,QAAQ,EAAE;YACR,eAAe,EAAE,IAAI;YACrB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,GAAG;YACzB,iBAAiB,EAAE,OAAO;YAC1B,YAAY,EAAE,KAAK;YACnB,iBAAiB,EAAE,IAAI;SACxB;QACD,aAAa,EAAE,CAAC;KACjB;IACD;QACE,MAAM,EAAE,WAAW;QACnB,QAAQ,EAAE;YACR,eAAe,EAAE,KAAK;YACtB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,GAAG;YACzB,iBAAiB,EAAE,KAAK;YACxB,YAAY,EAAE,KAAK;YACnB,iBAAiB,EAAE,KAAK;SACzB;QACD,aAAa,EAAE,GAAG;KACnB;IACD;QACE,MAAM,EAAE,wBAAwB;QAChC,QAAQ,EAAE;YACR,eAAe,EAAE,IAAI;YACrB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,UAAU;YAChC,iBAAiB,EAAE,KAAK;YACxB,YAAY,EAAE,KAAK;SACpB;QACD,aAAa,EAAE,GAAG;QAClB,eAAe,EAAE,EAAE;KACpB;IACD;QACE,MAAM,EAAE,cAAc;QACtB,QAAQ,EAAE;YACR,eAAe,EAAE,IAAI;YACrB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,GAAG;YACzB,iBAAiB,EAAE,OAAO;YAC1B,YAAY,EAAE,KAAK;YACnB,iBAAiB,EAAE,QAAQ;SAC5B;QACD,aAAa,EAAE,CAAC;QAChB,eAAe,EAAE,eAAe;KACjC;IACD;QACE,MAAM,EAAE,yBAAyB;QACjC,QAAQ,EAAE;YACR,eAAe,EAAE,IAAI;YACrB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,GAAG;YACzB,iBAAiB,EAAE,KAAK;YACxB,YAAY,EAAE,KAAK;YACnB,iBAAiB,EAAE,KAAK;SACzB;QACD,aAAa,EAAE,GAAG;KACnB;IACD;QACE,MAAM,EAAE,cAAc;QACtB,QAAQ,EAAE;YACR,eAAe,EAAE,IAAI;YACrB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,GAAG;YACzB,iBAAiB,EAAE,KAAK;YACxB,YAAY,EAAE,KAAK;YACnB,iBAAiB,EAAE,KAAK;SACzB;QACD,aAAa,EAAE,GAAG;KACnB;IACD;QACE,MAAM,EAAE,wBAAwB;QAChC,QAAQ,EAAE;YACR,eAAe,EAAE,IAAI;YACrB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,GAAG;YACzB,iBAAiB,EAAE,MAAM;YACzB,YAAY,EAAE,KAAK;YACnB,iBAAiB,EAAE,KAAK;SACzB;QACD,aAAa,EAAE,EAAE;KAClB;IACD;QACE,MAAM,EAAE,SAAS;QACjB,QAAQ,EAAE;YACR,eAAe,EAAE,IAAI;YACrB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,GAAG;YACzB,iBAAiB,EAAE,OAAO;YAC1B,YAAY,EAAE,KAAK;YACnB,iBAAiB,EAAE,QAAQ;SAC5B;QACD,aAAa,EAAE,CAAC;QAChB,eAAe,EAAE,eAAe;KACjC;IACD;QACE,MAAM,EAAE,WAAW;QACnB,QAAQ,EAAE;YACR,eAAe,EAAE,IAAI;YACrB,UAAU,EAAE,CAAC;YACb,oBAAoB,EAAE,UAAU;YAChC,iBAAiB,EAAE,KAAK;YACxB,YAAY,EAAE,KAAK;SACpB;QACD,aAAa,EAAE,CAAC;QAChB,eAAe,EAAE,SAAS;KAC3B;CACF,CAAC"}
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* HTTP response header ordering signatures for server identification.
|
|
3
|
+
*
|
|
4
|
+
* Different HTTP server implementations emit response headers in a characteristic
|
|
5
|
+
* order that is determined by the source code, not by any standard. By recording the
|
|
6
|
+
* order of canonical header names in a response and comparing against known signatures
|
|
7
|
+
* we can passively fingerprint the server software -- even when the Server header is
|
|
8
|
+
* stripped or spoofed.
|
|
9
|
+
*
|
|
10
|
+
* The hash is computed by joining the lowercased header names with commas and taking
|
|
11
|
+
* a simple FNV-1a 32-bit hash of the resulting string.
|
|
12
|
+
*
|
|
13
|
+
* References:
|
|
14
|
+
* - https://httprobe.org
|
|
15
|
+
* - Nmap HTTP fingerprinting engine
|
|
16
|
+
*/
|
|
17
|
+
/** A known header-order signature entry. */
|
|
18
|
+
export interface HeaderOrderSignature {
|
|
19
|
+
/** The server software name */
|
|
20
|
+
server: string;
|
|
21
|
+
/** Canonical header names in the order they appear in a typical response */
|
|
22
|
+
order: string[];
|
|
23
|
+
/** Precomputed SHA-256-based short hash of the joined header order for quick matching */
|
|
24
|
+
hash: string;
|
|
25
|
+
}
|
|
26
|
+
/**
|
|
27
|
+
* Compute a deterministic hash from an array of header names.
|
|
28
|
+
*
|
|
29
|
+
* The function lowercases every header name, joins them with commas, and returns
|
|
30
|
+
* the first 16 hex characters of the SHA-256 digest. This gives 64 bits of entropy
|
|
31
|
+
* which is sufficient for matching against a small dictionary.
|
|
32
|
+
*
|
|
33
|
+
* @param headers - Array of header names in observed order
|
|
34
|
+
* @returns 16-character hex hash string
|
|
35
|
+
*/
|
|
36
|
+
export declare function computeHeaderOrderHash(headers: string[]): string;
|
|
37
|
+
export declare const HEADER_ORDER_SIGNATURES: HeaderOrderSignature[];
|
|
38
|
+
//# sourceMappingURL=header-order.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"header-order.d.ts","sourceRoot":"","sources":["../../src/data/header-order.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAIH,4CAA4C;AAC5C,MAAM,WAAW,oBAAoB;IACnC,+BAA+B;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf,4EAA4E;IAC5E,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,yFAAyF;IACzF,IAAI,EAAE,MAAM,CAAC;CACd;AAED;;;;;;;;;GASG;AACH,wBAAgB,sBAAsB,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,MAAM,CAIhE;AAED,eAAO,MAAM,uBAAuB,EAAE,oBAAoB,EAuJzD,CAAC"}
|