A fingerprint is a unique trait used to identify a specific entity.
in a cybersecurity context, malware and legitimate software and be “fingerprinted” in a number of ways.
fingerprinting is leveraged both offensively and defensively. An example of fingerprinting used in an offensive context is using a tool to grab a banners from services running on a remote victim’s host in order to determine which exploits or techniques to use against it. In a defensive context, malware is often fingerprinted or signatured by its hash value; if a file or executable is found running this hash, its almost certainly malicious.
Links to this note
- attribution-steffens2020
- fingerinthepower-botvinnik2023
- fingerprinting using power consumption measurements
- radio fingerprinting
- XMIT_ID
- Main Index
- buildingopensourcenetworksecuritytools-schiffman2003
- hasshServer
- banner grabbing
- fingerprinting using User-Agents
- HASSH
- HASSH NSE
- Main Index - F
- malware disguising User-Agent strings
- sqlmap User-Agent
- User-Agent
- WhatWeb