p0f
Passive OS fingerprinting tool
Install
- All systems
-
curl cmd.cat/p0f.sh
- Debian
-
apt-get install p0f
- Ubuntu
-
apt-get install p0f
- Arch Linux
-
pacman -S p0f
- Kali Linux
-
apt-get install p0f
- Fedora
-
dnf install p0f
- Windows (WSL2)
-
sudo apt-get update
sudo apt-get install p0f
- OS X
-
brew install p0f
- Raspbian
-
apt-get install p0f
- Dockerfile
- dockerfile.run/p0f
p0f
Passive OS fingerprinting tool
p0f performs passive OS detection based on SYN packets. Unlike nmap and queso, p0f does recognition without sending any data. Additionally, it is able to determine the distance to the remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used as powerful IDS add-on. p0f supports full tcpdump-style filtering expressions, and has an extensible and detailed fingerprinting database.