Projects / p0f


p0f is a versatile passive OS and application fingerprinter, and a tool for detecting NAT/connection sharing. It is useful for penetration testing, routine network monitoring, and forensics, and to aid abuse detection tools such as IDSes, spam filters, or honeypots.

Operating Systems

Recent releases

  •  16 Jan 2012 22:02

    Release Notes: This complete rewrite adds a range of new TCP fingerprinting mechanisms, sophisticated NAT detection, HTTP inspection and fingerprinting, and updated signatures.

    •  06 Sep 2006 10:41

      Release Notes: New fingerprints were added. Diagnostic and statistics query mode and utilities were contributed. Other minor fixes were made.

      •  10 Aug 2006 14:45

        Release Notes: New fingerprints were added, including ones for Windows Vista. Support for older architectures was improved. The plugin query capability was improved. Minor bugfixes were made.

        •  09 Mar 2006 21:11

          Release Notes: New signatures, better logging, and various minor improvements. Fixes to compile on newer Linux distributions. A Cygwin port.

          •  13 Sep 2004 19:33

            Release Notes: Established connection fingerprinting (ACK mode) is now supported. 802.1Q VLAN support had been added. New fingerprints are available. Minor other tweaks have been added.

            Recent comments

            15 Nov 2010 10:28 fpreussner

            I'm looking for an up-to-date fingerprint collection. Is there one?


            Project Spotlight


            A Fluent OpenStack client API for Java.


            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.