Hfinger Logo

Hfinger

0
Free
Updated 11 March 2025
Malware Analysis
Http
Malware
Fingerprinting
Security
Visit Website

Tool for fingerprinting HTTP requests of malware. Based on Tshark and written in Python3. Working prototype stage :-) Its main objective is to provide unique representations (fingerprints) of malware requests, which help in their identification. Unique means here that each fingerprint should be seen only in one particular malware family, yet one family can have multiple fingerprints. Hfinger represents the request in a shorter form than printing the whole request, but still human interpretable. Hfinger can be used in manual malware analysis but also in sandbox systems or SIEMs. The generated fingerprints are useful for grouping requests, pinpointing requests to particular malware families, identifying different operations of one family, or discovering unknown malicious requests omitted by other security systems but which share fingerprint. An academic paper accompanies work on this tool, describing, for example, the motivation of design choices, and the evaluation of the tool compared to p0f, FATT, and Mercury.

FEATURES

EXPLORE BY TAGS

Http

Malware

Fingerprinting

Security

SIMILAR TOOLS

JSDetox Logo
JSDetox

A javascript malware analysis tool with backend code execution.

Free
Malware Analysis
Veles Logo
Veles

A new age tool for binary analysis that uses statistical visualizations to help find patterns in large amounts of binary data.

Free
Malware Analysis
Yara-Repo Logo
Yara-Repo

Collects Yara rules from over 150 free resources, a free alternative to Valhalla.

Free
Malware Analysis
YARA Silly Silly Logo
YARA Silly Silly

A semi-automatic tool to generate YARA rules from virus samples.

Free
Malware Analysis
GitHunter Logo
GitHunter

A tool for searching a Git repository for interesting content

Free
Malware Analysis
Abusing the COM Registry Structure: CLSID, LocalServer32, & InprocServer32 Logo
Abusing the COM Registry Structure: CLSID, LocalServer32, & InprocServer32

Abusing the COM Registry Structure: CLSID, LocalServer32, & InprocServer32

Free
Malware Analysis
TeamTNT Targeting AWS, Alibaba Logo
TeamTNT Targeting AWS, Alibaba

TeamTNT is modifying its malicious shell scripts after they were made public by security researchers.

Free
Malware Analysis
Reversing and Exploiting ARM Binaries: rwthCTF Trafman Logo
Reversing and Exploiting ARM Binaries: rwthCTF Trafman

A tutorial on setting up a virtual ARM environment, reversing ARM binaries, and writing basic exploits for ARM using the trafman challenge of rwthCTF as an example.

Free
Malware Analysis
BinaryAlert Logo
BinaryAlert

A serverless, real-time, and retroactive malware detection tool that scans files with YARA rules and alerts incident response teams.

Free
Malware Analysis

PINNED

Mandos Logo

Mandos

Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Consulting
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security
CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved

LINKS
BlogContact
LEGAL
Terms of servicesPrivacy policy