OWASP Automated Threats

Elicit information about the supporting software and framework types and versions.

What is Fingerprinting?

Specific requests are sent to the application eliciting information in order to profile the application. This probing typically examines HTTP header names and values, session identifier names and formats, contents of error page messages, URL path case sensitivity, URL path patterns, file extensions, and whether software-specific files and directories exist. Fingerprinting is often reliant on information leakage, and this profiling may also reveal some network architecture/topology. The fingerprinting may be undertaken without any direct usage of the application, e.g. by querying a store of exposed application properties such as those held in a search engine’s index.

Fingerprinting seeks to identify application components, whereas OAT-018 Footprinting is a more detailed analysis of how the application works.

Fingerprinting is also known by terms such as google dorking, google hacking, target acquisition, target scanning, finding potentially vulnerable applications, reconnaissance, URL harvesting and web application fingerprinting.

The symptoms of Fingerprinting

  1. Single HTTP requests (just one single request and no more from that browser / session / device / fingerprint)
  2. Often none, but possibly requests for a wide range of missing resources
  3. Requests for resources that are rarely requested
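The three symptoms above can be turned into a simple log-side check. The following is an added example (not InfiSecure's or OWASP's code) that parses constructed access-log lines in common log format and flags clients that sent a single request, several requests for missing resources (HTTP 404), or mostly requests for paths no other client asked for; the thresholds and the "rare means requested by one client only" rule are assumptions for the sample and would be tuned against a real traffic baseline.

```python
import re
from collections import defaultdict

# Constructed sample access-log lines (common log format), not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2023:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 1043
203.0.113.5 - - [10/Oct/2023:13:55:40 +0000] "GET /css/site.css HTTP/1.1" 200 512
198.51.100.7 - - [10/Oct/2023:13:57:10 +0000] "GET /index.html HTTP/1.1" 200 1043
198.51.100.7 - - [10/Oct/2023:13:57:12 +0000] "GET /css/site.css HTTP/1.1" 200 512
192.0.2.9 - - [10/Oct/2023:14:01:00 +0000] "GET /phpinfo.php HTTP/1.1" 404 162
192.0.2.9 - - [10/Oct/2023:14:01:00 +0000] "GET /admin/ HTTP/1.1" 404 162
192.0.2.9 - - [10/Oct/2023:14:01:01 +0000] "GET /server-status HTTP/1.1" 404 162
192.0.2.44 - - [10/Oct/2023:14:05:00 +0000] "GET /INDEX.HTML HTTP/1.1" 404 162
"""

LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3})')

def parse_log(text):
    # Return (client, path, status) tuples; lines that do not parse are skipped.
    events = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if m:
            events.append((m["ip"], m["path"], int(m["status"])))
    return events

def fingerprinting_indicators(events, missing_threshold=3, rare_ratio=0.5):
    # Map each suspicious client to the OAT-004 symptoms it matches (assumed thresholds).
    by_client = defaultdict(list)
    clients_per_path = defaultdict(set)
    for ip, path, status in events:
        by_client[ip].append((path, status))
        clients_per_path[path].add(ip)
    findings = {}
    for ip, reqs in by_client.items():
        reasons = []
        if len(reqs) == 1:                       # symptom 1: one request, then gone
            reasons.append("single request from client")
        missing = sum(1 for _, s in reqs if s == 404)
        if missing >= missing_threshold:         # symptom 2: probing for absent resources
            reasons.append(f"{missing} requests for missing resources")
        # Symptom 3: paths nobody else asks for. "Rare" here means requested by this
        # client only within the sample; in production compare against a longer baseline.
        rare = sum(1 for p, _ in reqs if len(clients_per_path[p]) == 1)
        if len(reqs) >= 2 and rare / len(reqs) >= rare_ratio:
            reasons.append(f"{rare} of {len(reqs)} paths rarely requested")
        if reasons:
            findings[ip] = reasons
    return findings
```

Run over real logs, the same grouping should be done per session or device fingerprint as well as per IP, since the first symptom is defined at that granularity.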

Sectors targeted by Fingerprinting

  • Education
  • Entertainment
  • Financial
  • Government
  • Health
  • Retail
  • Technology
  • Social Networking

Can InfiSecure prevent Fingerprinting?

InfiSecure’s global bot intelligence system restricts access from IP addresses with low reputation and blocks the most sophisticated bots engaged in fingerprinting.