There have been a few times on engagements where I only see a blank page, and even `X-Powered-By` and `Server` headers are suppressed, but the favicon for the product deployed to the server is still available. I was wondering what you think about adding the ability to signature based on favicons?
I'm thinking it could either be done by a quick MD5 or maybe even CRC32 to help keep performance up. I wanted to get your input on it before I try to code anything up and submit a PR.
I like this. I think the best way to do this would be to use MurmurHash to "hash" the favicons, as it's computationally less expensive. (Shodan uses this for their favicon hashing as well.)
Ok excellent. I’ll see if I can throw something together. Thanks for the tip on MurmurHash! My plan was to start with a small set of “typical” stuff like Tomcat, WebLogic, etc. And maybe also use this as a starting point: https://github.com/nmap/nmap/blob/master/nselib/data/favicon-db
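The favicon signature matching discussed in this thread, as an added example that is not code from this project or its contributors. It assumes the hash is MurmurHash3 (x86, 32-bit, seed 0) over the base64 text of the icon as produced by `base64.encodebytes`; the function names, the magic-byte check, the sample icon and the signature table are constructed for illustration.

```python
import base64

MASK = 0xFFFFFFFF

def _rotl(x, r):
    return ((x << r) | (x >> (32 - r))) & MASK

def _mix_k(k):
    # Per-block scramble used for both full 4-byte blocks and the tail.
    return (_rotl((k * 0xCC9E2D51) & MASK, 15) * 0x1B873593) & MASK

def murmur3_32(data, seed=0):
    """MurmurHash3 x86 32-bit, returned as a signed 32-bit integer."""
    h = seed & MASK
    nblocks = len(data) // 4
    for i in range(nblocks):
        k = int.from_bytes(data[4 * i:4 * i + 4], "little")
        h = (_rotl(h ^ _mix_k(k), 13) * 5 + 0xE6546B64) & MASK
    tail = data[4 * nblocks:]
    if tail:  # 1 to 3 leftover bytes
        h ^= _mix_k(int.from_bytes(tail, "little"))
    h ^= len(data) & MASK
    h ^= h >> 16
    h = (h * 0x85EBCA6B) & MASK
    h ^= h >> 13
    h = (h * 0xC2B2AE35) & MASK
    h ^= h >> 16
    return h - (1 << 32) if h & 0x80000000 else h

def looks_like_icon(body):
    # Assumption: only ICO, PNG and GIF icons are signatured. This also rejects
    # empty bodies and HTML error pages returned for /favicon.ico.
    return body.startswith((b"\x00\x00\x01\x00", b"\x89PNG\r\n\x1a\n", b"GIF8"))

def favicon_hash(body):
    # Assumption: hash the base64 text (newline every 76 chars), not the raw bytes.
    return murmur3_32(base64.encodebytes(body))

def identify(body, signatures):
    """Return the product label for a favicon body, or None if unknown."""
    if not looks_like_icon(body):
        return None
    return signatures.get(favicon_hash(body))

# Constructed sample data: a fake ICO body and a one-entry signature table.
SAMPLE_ICON = b"\x00\x00\x01\x00" + bytes(range(64))
SIGNATURES = {favicon_hash(SAMPLE_ICON): "example-product (constructed)"}

if __name__ == "__main__":
    print(favicon_hash(SAMPLE_ICON), identify(SAMPLE_ICON, SIGNATURES))
```

Rejecting non-image bodies before hashing matters because a server that answers every path with the same error page would otherwise produce one stable hash that matches nothing useful or, worse, collides with a signature collected from a similar error page.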