Fingerprinting is a technique where hackers gather information about an application to create a profile that can be used to cause harm to the application. This type of activity typically involves looking at the HTTP header for names and values that might help identify and profile an application.
This type of probing also looks at:
- Contents of error messages.
- URL path case sensitivity.
- URL path patterns.
- File extensions.
- Directory existance.
- Software specific file existance.
Fingerprinting relies often on applications leaking information and can reveal information about a network’s architecture. Many times, fingerprinting can be done without any direct use of the application.
Fingerprinting identifies an application’s components, where as footprinting is a more detailed analysis of how an application works.