A quick and easy to use security reconnaissance webapp tool, does OSINT, analysis and red-teaming in both passive and active mode. Written in nodeJS and Electron.
This might be a long "task" as it's ever growing. All fingerprints i find along the way will be added here and once added to the JSON file with regexp, descriptions and a title it can be checked as done for each one. This list does not include the already 25 fingerprints i have added. So please before adding new string here, check if it's already in the file by doing a:
The steps to help:
Basically the task is to choose a verification-string from below and then do the following research:
Figure out who it belongs to
Figure out the specific service/product it belongs to
Figure out the simplest regex to uniqliy identify it
1) a test regexp
2) a match regexp (that matches the hash/data)
Use the JSON template and add it to the file :)
JSON Template for new fingerprint
{
"fingerprintName": "<short 40-70chars detailed output string for fingerprint>",
"inCategoeries": [0],
"serviceProvider": {
"name": "<company name>",
"desc": "<company short info>",
"url": "<company/product link>"
},
"serviceHash": {
"original": "<verification string as seen in the wild/from the task list)>",
"comment": "",
"regexp": {
"test": "/^<regexp-test>/i",
"match": "/^<regexp-match (.+)>/i"
}
}
}
# To list all known test strings
cat online-service-provider-fingerprint.json | jq '.knownFingerprints[].serviceHash.regexp.test'
# To search for a specific string
cat online-service-provider-fingerprint.json | jq '.knownFingerprints[].serviceHash.regexp.test' | grep "string"
Vendor verification strings seen in the wild
This is the list of evergrowing strings seen in the wild that i would love to be able to fingerprint :)
So digg in !!
Fingerprinting vendor verification strings
This might be a long "task" as it's ever growing. All fingerprints i find along the way will be added here and once added to the JSON file with regexp, descriptions and a title it can be checked as done for each one. This list does not include the already 25 fingerprints i have added. So please before adding new string here, check if it's already in the file by doing a:
Want to contribute ? This is the file we are working on: https://github.com/kawaiipantsu/redjoust/blob/dev/assets/json/online-service-provider-fingerprint.json
The steps to help: Basically the task is to choose a verification-string from below and then do the following research:
JSON Template for new fingerprint
Vendor verification strings seen in the wild
This is the list of evergrowing strings seen in the wild that i would love to be able to fingerprint :) So digg in !!
_spf.q4press.com.126953328-4422040688162515-44220378RPDXjBzBS9tu7Pbysu7qCACrwXPoDV8ZtLfthTnC4y9VJFLd84it5sQlEITgSLJ4KOIA8pBZxmyvPujuUvhOg==9rHeUd6AiQ30jFgENxeGX6CKgbSmFB/NeV5oCOQS5PbafVN66NOLFLcsuixmOo1krFPgHLMt7TCEL3iJOUF1mQ==d1xTs9+kADZZSz3bPphLpkMXXxBGjqn5vsQHhi2M6lo0r8AdIbm6j8LfQXPujsywVgeGSP+AXWX0vO9Iep5cUg==zpSH7Ye/seyY61hH8+Rq5Kb+ZJ9hDa+qeFBaD/6sPAAg+2POkGdP0byHb1pFVK9uZgYF2AIosUSZq4MB17oydQ==SUyD3kNWX8BcKENoplaQAU6nSMzvEsoota+RWH5YYE3xC7oadZybEhbiad16zkVvg0H/hifubMBuZS50OVuBgQ==907D-6CE2-7BD0-FF0C-7E83-E21D-AD2B-DD27926723159-3188410adobe-aem-verification=www-idev-cloud.cisco.com/24859/366204/1b990ef7-ff88-4938-bdd9-8458cc152f57adobe-idp-site-verification=c900335b8b825859b51473b9943a3880ae795df47426483b0a67630377a902f5aliyun-site-verification=47b62ce6-8506-41f0-bb2f-07b3a645d506apple-domain-verification=qOInipPgso3W8cmKasv=ac90e11808e87cfbf8768e69819b1acabugcrowd-verification=4cb12e80d1cc53286a15726ee4bf8f6ec900335b8b825859b51473b9943a3880ae795df47426483b0a67630377a902f5campaign.dev.lcorigins.lego.com=l8qgvnfp0t9totd0c69s4t988icloudhealth=1659ead7-5c47-4817-a0d3-94b456169734d365mktkey=4d8bnycx40fy3581petta4gsfdocker-verification=c9680cb5-881b-4f8b-a803-42a918cdcf57duo_sso_verification=ntfsmAmvYMYMnwjgk6SpssPl5t7hZADsv9NCBLtCS7AnylaapsIfsFB9k6PItJVrDynatrace-site-verification=e1eb3fe5-f14a-4a0c-b8b6-1c5f380cb804__dfadqbk4o2ngu8n8bho3kom0tfastly-domain-delegation-w049tcm0w48ds-341317-20210209identrust_validate=JnSSfW+y58dEQju6mVBe8lu1MGFepXI50P27OE1ZZQmLintercom-domain-validation=8806e2f9-7626-4d9e-ae4d-2d655028629amailigen-site-verification=58788cc4908d5697c6ea4801a7fea3f6mbnfb6mopftl3f3t2it9tbev6emiro-verification=53bf5ccd47cb6239fe5cf14c3b328050dd5679acmixpanel-domain-verify=2c6cb1aa-a3fb-44b9-ad10-d6b744109963mixpanel-domain-verify=612e2914-a7fb-4965-95d5-19acc02797dfmongodb-site-verification=mtrxHeW3jOzWtwEwnOLpeQo9NXh6LqasMS=B03F616C5688CE657CC2FA94EF4E72109431092BNS_monitoronetrust-domain-verification=20345dd0c33946f299f14c1498b41f67OSSRH-65508pbcpcw84sfk7w4nhm7dwyg2k3gx0t4xrprod-bec-dk.azurewebsites.netQuoVadis=94d4ae74-ecd5-4a33-975e-a0d7f546c801SFMC-o7HX74BQ79k7glpt_qjlF2vmZO9DpqLtYxKLwg87site24x7-signals-domain-verification=df57290b9f0e5eb1fbcaca5849cc43b5sonatype-verification=OSSRH-58518sprig-site-verification=p7Xa5X9lnBvzD3plB6lcrXfhabY2uX3NAwyEGPm4C98stripe-verification=c52e56dae78932924b24e718a7850f861712da65458f8c40bab37393ccb56854t7sebee51jrj7vm932k531hipateamviewer-sso-verification=db1a05bb09054296b4fad49caec6cdc9wiz-domain-verification=af241e6396696eedf1b361891435f6b21bdebb5621941d99279298c076b5bf5fwrike-verification=MzI3NzM2ODo2NDk5MjE4NjQ2MWJmOTEwMGMxM2MzNzJmNWJlY2U5ZDU4MmVlNzQ2NWU4MTY5OWJjMjlmYjQ4Mjc5M2JiMzkyZOOM_verify_PeuZagN7TzybBaD-uxsGAwZoom=13284637