Abstract—While Operating System and Web Server fingerprinting are well established in the toolkit of penetration testers and network administrators, reliable tooling for fingerprinting at the application level has been slow to emerge. This paper introduces BlindElephant, a fast, accurate, and very generic web application fingerprinter that identifies application and plugin versions via static files. The paper also provides results from large-scale tests of the tool, makes some observations about the state of web application security on the internet at large, and discusses future work on countermeasures and counter-countermeasures for static file fingerprinting.
BlackHat USA - July 28, 2010
Version 2 Update: August 3, 2010