GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → rapid7 → Recog

rapid7 / Recog

Licence: other
Pattern recognition for hosts, services, and content

Programming Languages

ruby
36898 projects - #4 most used programming language

Labels

xmlregexfingerprinting

Projects that are alternatives of or similar to Recog

Swift Utils
A collection of handy swift utils
Stars: ✭ 253 (-29.72%)
Mutual labels:  xml, regex
Expynent
A library that provides regular expression patterns. If you hate to write regular expressions, then expynent can help you.
Stars: ✭ 350 (-2.78%)
Mutual labels:  regex
Ofbiz Framework
Apache OFBiz is an open source product for the automation of enterprise processes. It includes framework components and business applications for ERP, CRM, E-Business/E-Commerce, Supply Chain Management and Manufacturing Resource Planning. OFBiz provides a foundation and starting point for reliable, secure and scalable enterprise solutions.
Stars: ✭ 315 (-12.5%)
Mutual labels:  xml
Underscore Java
java port of Underscore.js
Stars: ✭ 327 (-9.17%)
Mutual labels:  xml
Ictextview
UITextView subclass supporting string/regex search and highlighting
Stars: ✭ 321 (-10.83%)
Mutual labels:  regex
Getsimplecms
GetSimple CMS
Stars: ✭ 333 (-7.5%)
Mutual labels:  xml
Fingerprintjs
Browser fingerprinting library with the highest accuracy and stability.
Stars: ✭ 15,481 (+4200.28%)
Mutual labels:  fingerprinting
Hashover Next
This branch will be HashOver 2.0
Stars: ✭ 353 (-1.94%)
Mutual labels:  xml
Cppwebframework
​The C++ Web Framework (CWF) is a MVC web framework, Open Source, under MIT License, using C++ with Qt to be used in the development of web applications.
Stars: ✭ 348 (-3.33%)
Mutual labels:  xml
Fluentdom
A fluent api for working with XML in PHP
Stars: ✭ 327 (-9.17%)
Mutual labels:  xml
Fd
A simple, fast and user-friendly alternative to 'find'
Stars: ✭ 19,851 (+5414.17%)
Mutual labels:  regex
Jackrabbit Oak
Mirror of Apache Jackrabbit Oak
Stars: ✭ 321 (-10.83%)
Mutual labels:  xml
Xidel
Command line tool to download and extract data from HTML/XML pages or JSON-APIs, using CSS, XPath 3.0, XQuery 3.0, JSONiq or pattern matching. It can also create new or transformed XML/HTML/JSON documents.
Stars: ✭ 335 (-6.94%)
Mutual labels:  xml
Generex
A Java library for generating String from a regular expression.
Stars: ✭ 316 (-12.22%)
Mutual labels:  regex
Thymeleaf Spring
Thymeleaf integration module for Spring
Stars: ✭ 349 (-3.06%)
Mutual labels:  xml
Mmark
Mmark: a powerful markdown processor in Go geared towards the IETF
Stars: ✭ 313 (-13.06%)
Mutual labels:  xml
Social Media Profiles Regexs
📇 Extract social media profiles and more with regular expressions
Stars: ✭ 324 (-10%)
Mutual labels:  regex
Libplist
A library to handle Apple Property List format in binary or XML
Stars: ✭ 330 (-8.33%)
Mutual labels:  xml
Horizontalpicker
A HorizontalPicker view for android, which supports both text and icon. ✨
Stars: ✭ 356 (-1.11%)
Mutual labels:  xml
Minta
✳️  Electron app for generating regular expressions
Stars: ✭ 353 (-1.94%)
Mutual labels:  regex
View All Similar Projects ➔

Recog: A Recognition Framework

Gem Version Build Status

Recog is a framework for identifying products, services, operating systems, and hardware by matching fingerprints against data returned from various network probes. Recog makes it simple to extract useful information from web server banners, snmp system description fields, and a whole lot more.

Recog is open source, please see the LICENSE file for more information.

Table of Contents

  1. Installation
  2. Maturity
  3. Fingerprints
  4. Contributing

Installation

Recog consists of both XML fingerprint files and an assortment of code, mostly in Ruby, that makes it easy to develop, test, and use the contained fingerprints. In order to use the included ruby code, a recent version of Ruby (2.31+) is required, along with Rubygems and the bundler gem. Once these dependencies are in place, use the following commands to grab the latest source code and install any additional dependencies.

$ git clone [email protected]:rapid7/recog.git
$ cd recog
$ bundle install

^back to top

Maturity

Please note that while the XML fingerprints themselves are quite stable and well-tested, the Ruby codebase in Recog is still fairly new and subject to change quickly. Please contact us (research[at]rapid7.com) before leveraging the Recog code within any production projects.

^back to top

Fingerprints

The fingerprints within Recog are stored in XML files, each of which is designed to match a specific protocol response string or field. For example, the file ssh_banners.xml can determine the os, vendor, and sometimes hardware product by matching the initial SSH daemon banner string.

A fingerprint file consists of an XML document like the following:

<fingerprints matches="ssh.banner">
  <fingerprint pattern="^RomSShell_([\d\.]+)$">
    <description>Allegro RomSShell SSH</description>
    <example service.version="4.62">RomSShell_4.62</example>
    <param pos="0" name="service.vendor" value="Allegro"/>
    <param pos="0" name="service.product" value="RomSShell"/>
    <param pos="1" name="service.version"/>
  </fingerprint>
</fingerprints>

The first line should always consist of the XML version declaration. The first element should always be a fingerprints block with a matches attribute indicating what data this fingerprint file is supposed to match. The matches attribute is normally in the form of protocol.field.

Inside of the fingerprints element there should be one or more fingerprint elements. Every fingerprint must contain a pattern attribute, which contains the regular expression to be used to match against the data. An optional flags attribute can be specified to control how the regular expression is to be interpreted. See the Recog documentation for FLAG_MAP for more information.

Inside of the fingerprint, a description element should contain a human-readable string describing this fingerprint.

At least one example element should be present, however multiple example elements are preferred. These elements are used as part of the test coverage present in rspec which validates that the provided data matches the specified regular expression. Additionally, if the fingerprint is using the param elements to extract field values from the data (described next), you can add these expected extractions as attributes for the example elements. In the example above, this:

<example service.version="4.62">RomSShell_4.62</example>

tests that RomSShell_4.62 matches the provided regular expression and that the value of service.version is 4.62.

The param elements contain a pos attribute, which indicates what capture field from the pattern should be extracted, or 0 for a static string. The name attribute is the key that will be reported in the case of a successful match and the value will either be a static string for pos values of 0 or missing and taken from the captured field.

The example string can be base64 encoded to permit the use of unprintable characters. To signal this to Recog an _encoding attribute with the value of base64 is added to the example element. Based64 encoded text that is longer than 80 characters may be wrapped with newlines as shown below to aid in readability.

<example _encoding="base64">
  dGllczGEAAAAlQQWMS4yLjg0MC4xMTM1NTYuMS40LjgwMAQuZGF0YS5yZW1vdmVkLjCEAAAAK
  AQdZG9tYWluQ29udHJvbGxlckZ1bmN0aW9uYWxpdHkxhAAAAAMEATc=
</example>

^back to top

Contributing

The users and maintainers of Recog would greatly appreciate any contributions you can make to the project. For guidelines and instructions please see CONTRIBUTING.MD

^back to top

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].