Category:OWASP Favicon Database Project

From OWASP
Revision as of 09:25, 16 October 2009 by Kost (Talk | contribs)

Jump to: navigation, search

Main

[edit]

Idea is to have software enumerated via favicon.ico. How to do that? Take hash (in our case MD5) of favicon.ico and compare it against the known database. This project is about the favicon database itself and process in how to get the database of most frequent ones by crawling internet.

Vlatko Kosturjak initially wrote .nse script for nmap to perform enumeration of software via favicon.ico. He has noticed that there is very small database of existing MD5 fingerprints of favicon.ico and also most of the current md5 fingerprinting implementations have only web server enumeration, he have added also some popular CMS, wikis, etc. He added some of them manually, but it's boring process. Fyodor suggested that we should do internet wide scan and gather the statistics and MD5 fingerprints of most usual favicons.ico and document them.

So, project has started the adventure of getting the statistics of MD5 fingerprints of most usual favicons.ico. We have faced problems how to enumerate http(s) hosts on Internet. Currently, we have recognized two types of http servers which we want to cover. First type is http servers on network devices and appliances and the second type is normal web servers with virtual hosts support.

You can read process, problem and solution on OWASP_favicon_database_crawl.

File:Favicon-md5-20090925.zip - Favicon MD5 database of most popular favicons found on the internet.

[1] - Nmap http-favicon.nse: NSE script for MD5 favicon fingerprinting

[2] - OpenVAS webserver_favicon.nasl: NASL NVT for MD5 favicon fingerprinting

[3] - Nessus webserver_favicon.nasl: NASL plugin for MD5 favicon fingerprinting

[4] - w3af favicon_identification.py: w3af plugin for MD5 favicon fingerprinting

We hope you find the information in the OWASP Favicon Database project useful. Please contribute back to the project by sending your comments, questions, and suggestions to the OWASP Favicon mailing list. Thanks!

To join the OWASP Testing mailing list or view the archives, please visit the mailing list subscription page.

Project Identification

PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What does this OWASP project release offer you?
what is this project?
OWASP Favicon Database Project

Purpose: Software enumeration via favicon.ico

License: N/A

who is working on this project?
Project Leader: Vlatko Kosturjak @

Project Maintainer: Vlatko Kosturjak @

Project Contributor(s):

  • Fyodor
  • Brandon Enright
  • Kris Katterjohn
how can you learn more?
Project Pamphlet: N/A

3x slide Project Presentation: N/A

Mailing list: Subscribe or read the archives

Project Roadmap: To view, click here

Main links:

Project Health: Yellow button.JPG Not Reviewed (Provisional)
To be reviewed under Assessment Criteria v2.0

Key Contacts
  • Contact Vlatko Kosturjak @ to contribute, review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
First Release - Unknown Date - (no download available)

Release Leader: Vlatko Kosturjak @

Release details: Main links, release roadmap and assessment

Rating: Yellow button.JPG Not Reviewed
To be reviewed under Assessment Criteria v2.0


Pages in category "OWASP Favicon Database Project"

The following 3 pages are in this category, out of 3 total.