HTTP Fingerprinting Simplified

httprint is a Web server fingerprinting tool that identifies the type of the

running HTTP server, and also detects whether a Web server is obfuscated using a

third party software or not. It uses the HTTP fingerprinting technique that is

quite popular amongst pen testers. One can use it for Web server inventory and

detecting Web enabled devices.

This tool supports automatic SSL detection and analysis. You can gather

various details about SSL certificates such as who is the issuer, issue date,

certificate's expiry date etc. Its signatures database is in a text file, and

these signatures are used to analyze the signatures that the scanned Web server

generates. You can also customize its signature database. It lets you import Web

server's details from an nmap scan and can be installed on all versions of

Windows, Linux, and Mac OS X.

Below 'Host' option provide the name & port no of the Web server. To add more hosts, right click and choose 'Add new' option. Click on Start to begin the scanning process	Once the scanning is done, you can view the banner reported by the Web server and banner deduced by the http print. A difference between the two implies obfuscation
After selecting the detected Web server, you can see the http signature returned from the server and also the OS on which the Web server is running	httprint also generates a detailed report of the scan performed. In the screenshot above, you can see a detailed SSL analysis done by httprint tool