This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Category:OWASP Favicon Database Project"

From OWASP

Jump to: navigation, search

@@ Line 1: / Line 1: @@
+{|
+|-
+! width="700" align="center" | <br>
+! width="500" align="center" | <br>
+|-
+| align="right" | [[Image:OWASP Inactive Banner.jpg|800px| link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Inactive_Projects]]
+| align="right" |
+|}
 ==== Main  ====
@@ Line 4: / Line 13: @@
 Idea is to have software enumerated via favicon.ico. How to do that? Take hash (in our case MD5) of favicon.ico and compare it against the known database. This project is about the favicon database itself and process in how to get the database of most frequent ones by crawling internet.
-Vlatko Kosturjak initially wrote .nse script for nmap to perform enumeration of software via favicon.ico. He has noticed that there is very small database of existing MD5 fingerprints of favicon.ico and also most of the current md5 fingerprinting implementations have only web server enumeration, he have added also some popular CMS, wikis, etc. He added some of them manually, but it's boring process. Fyodor suggested that we should do internet wide scan and gather the statistics and MD5 fingerprints of most usual favicons.ico and document them.
 = Problem and solution =
@@ Line 25: / Line 32: @@
 [http://www.openvas.org OpenVAS]  webserver_favicon.nasl: NASL NVT for MD5 favicon fingerprinting
-[http://www.nessus.org Nessus] webserver_favicon.nasl: NASL plugin for MD5 favicon fingerprinting
 [http://w3af.sourceforge.net w3af] favicon_identification.py: w3af plugin for MD5 favicon fingerprinting
@@ Line 44: / Line 49: @@
 = Related  =
-Original scripts and files can be found at [http://kost.com.hr/favicon.php http://kost.com.hr/favicon.php].
+* Original scripts and files can be found at [http://kost.com.hr/favicon.php http://kost.com.hr/favicon.php]
+* Nmap favicon poster project can be found at [http://nmap.org/favicon/ http://nmap.org/favicon/]
+* [http://www.nessus.org Nessus] webserver_favicon.nasl: NASL plugin for MD5 favicon fingerprinting
-==== Project Identification  ====
+==== Project About  ====
-{{Template:OWASP Project Identification Tab
+{{:Projects/OWASP Favicon Database Project | Project About}}
-| project_name = OWASP Favicon Database Project
-| project_description = Software enumeration via favicon.ico
-| project_license =
-| leader_name = Vlatko Kosturjak
-| leader_email = kost@linux.hr
-| leader_username =
-| maintainer_name = Vlatko Kosturjak
-| maintainer_email = kost@linux.hr
-| maintainer_username =
-| contributor_name1 = Fyodor
-| contributor_email1 =
-| contributor_username1 =
-| contributor_name2 = Brandon Enright
-| contributor_email2 =
-| contributor_username2 =
-| contributor_name3 = Kris Katterjohn
-| contributor_email3 =
-| contributor_username3 =
-| contributor_name4 =
-| contributor_email4 =
-| contributor_username4 =
-| contributor_name5 =
-| contributor_email5 =
-| contributor_username5 =
-| contributor_name6 =
-| contributor_email6 =
-| contributor_username6 =
-| contributor_name7 =
-| contributor_email7 =
-| contributor_username7 =
-| contributor_name8 =
-| contributor_email8 =
-| contributor_username8 =
-| contributor_name9 =
-| contributor_email9 =
-| contributor_username9 =
-| contributor_name10 =
-| contributor_email10 =
-| contributor_username10 =
-| pamphlet_link =
-| presentation_link =
-| mailing_list_name = owasp-favicon-database
-| links_url1 =  http://kost.com.hr/favicon.php
-| links_name1 = favicon.ico enumeration project
-| links_url2 = http://seclists.org/nmap-dev/2009/q3/0462.html
-| links_name2 = favicon survey script
-| links_url3 =
-| links_name3 =
-| links_url4 =
-| links_name4 =
-| links_url5 =
-| links_name5 =
-| links_url6 =
-| links_name6 =
-| links_url7 =
-| links_name7 =
-| links_url8 =
-| links_name8 =
-| links_url9 =
-| links_name9 =
-| links_url10 =
-| links_name10 =
-| project_road_map = :Category:OWASP Favicon Database Project - Roadmap
-| project_health_status =
-| current_release_name = First Release
-| current_release_date =
-| current_release_download_link =
-| current_release_rating =
-| current_release_leader_name = Vlatko Kosturjak
-| current_release_leader_email = kost@linux.hr
-| current_release_leader_username =
-| current_release_details = :Category:OWASP Favicon Database Project - First Release
-| last_reviewed_release_name =
-| last_reviewed_release_date =
-| last_reviewed_release_download_link =
-| last_reviewed_release_rating =
-| last_reviewed_release_leader_name =
-| last_reviewed_release_leader_email =
-| last_reviewed_release_leader_username =
-| old_release_name1 =
-| old_release_date1 =
-| old_release_download_link1 =
-| old_release_name2 =
-| old_release_date2 =
-| old_release_download_link2 =
-| old_release_name3 =
-| old_release_date3 =
-| old_release_download_link3 =
-| old_release_name4 =
-| old_release_date4 =
-| old_release_download_link4 =
-| old_release_name5 =
-| old_release_date5 =
-| old_release_download_link5 =
-}}
 __NOTOC__ <headertabs />
 [[Category:OWASP_Project|Favicon Database Project]] [[Category:OWASP_Tool]] [[Category:OWASP_Alpha_Quality_Tool]]

Latest revision as of 20:03, 23 January 2014

Main

Idea
Problem and solution
Results
Implementations
Roadmap
Feedback and Participation
Related

Idea is to have software enumerated via favicon.ico. How to do that? Take hash (in our case MD5) of favicon.ico and compare it against the known database. This project is about the favicon database itself and process in how to get the database of most frequent ones by crawling internet.

So, project has started the adventure of getting the statistics of MD5 fingerprints of most usual favicons.ico. We have faced problems how to enumerate http(s) hosts on Internet. Currently, we have recognized two types of http servers which we want to cover. First type is http servers on network devices and appliances and the second type is normal web servers with virtual hosts support.

You can read process, problem and solution on OWASP_favicon_database_crawl.

OWASP_favicon_database -favicon database in wiki format, feel free to contribute directly to wiki

File:Favicon-md5-20100222.zip - Favicon MD5 database of most popular favicons found on the Internet - latest

File:Favicon-md5-20090925.zip - Favicon MD5 database of most popular favicons found on the internet - archive

Nmap http-favicon.nse: NSE script for MD5 favicon fingerprinting

OpenVAS webserver_favicon.nasl: NASL NVT for MD5 favicon fingerprinting

w3af favicon_identification.py: w3af plugin for MD5 favicon fingerprinting

Project roadmap is available at OWASP_favicon_database_roadmap page.

We hope you find the information in the OWASP Favicon Database project useful. Please contribute back to the project by sending your comments, questions, and suggestions to the OWASP Favicon mailing list. Thanks!

You can contribute by editing the database on wiki itself: OWASP_favicon_database. Also, you can contribute via Twitter by using @OWASPfavicon and sending MD5, name of favicon and version (if possible).

To join the OWASP Testing mailing list or view the archives, please visit the mailing list subscription page.

Original scripts and files can be found at http://kost.com.hr/favicon.php
Nmap favicon poster project can be found at http://nmap.org/favicon/
Nessus webserver_favicon.nasl: NASL plugin for MD5 favicon fingerprinting

Project About

PROJECT INFO
What does this OWASP project offer you?

RELEASE(S) INFO
What releases are available for this project?

what	is this project?
Name: OWASP Favicon Database Project (home page)
Purpose: Software enumeration via favicon.ico. How to do that? Take hash (in our case MD5) of favicon.ico and compare it against the known database. This project is about the favicon database itself and process in how to get the database of most frequent ones by crawling internet.
License: GPL 2 for OWASP Favicon Database Crawl and CC BY 3.0 for OWASP Favicon Database
who	is working on this project?
Project Leader(s): Vlatko Kosturjak @
Project Contributor(s): Fyodor Brandon Enright Kris Katterjohn
how	can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Main links: Favicon.ico enumeration project Favicon survey script Favicon process, problem and solution Favicon database in wiki format Favicon MD5 database of most popular favicons found on the Internet NSE script for MD5 favicon fingerprinting NASL NVT for MD5 favicon fingerprinting w3af plugin for MD5 favicon fingerprinting
Key Contacts
Contact Vlatko Kosturjak @ to contribute to this project Contact Vlatko Kosturjak @ to review or sponsor this project

current release
Not Yet Published
last reviewed release
Not Yet Reviewed

other releases

Pages in category "OWASP Favicon Database Project"

The following 3 pages are in this category, out of 3 total.

O

OWASP favicon database
OWASP favicon database crawl
OWASP favicon database roadmap

Retrieved from "https://wiki.owasp.org/index.php?title=Category:OWASP_Favicon_Database_Project&oldid=166542"

Categories:

OWASP Project
OWASP Tool
OWASP Alpha Quality Tool

Difference between revisions of "Category:OWASP Favicon Database Project"

Latest revision as of 20:03, 23 January 2014

Main

Pages in category "OWASP Favicon Database Project"

O

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools