Fingerprinting (also known as footprinting) is the process of enumerating a target online presence, often the first step when planning an attack. Its main goal is to obtain as much information about the target as possible, for example understanding the target's underlying technologies, application stack and software versions. Using this information an attack can develop their attack specifically to target systems they know are in use.
Fingerprinting can be done passively or actively. Active fingerprinting involves directly interacting with the target systems for example sending TCP or ICMP packets then analyzing the response from the target. Whereas, passive fingerprinting are a more stealthy method, for example, obtaining information from the many publicly accessible data sets provided by companies who poll the internet such as Shodan or SecurityTrails. Although a large amount of data can be obtained passively, this technique is often less accurate than active fingerprinting.
If you like this blog post, find more content in our Glossary.