THC-Amap
Amap was innovative - the first tool to perform application protocol detection.
Then a better approach was implemented into nmap, this and the large user
base of nmap made amap pretty much obsolete.
So today, I recommend to rather use nmap -sV for application fingerprinting
rather than amap (although in some circumstances amap will yield better
results, but these are rare).
Still, after 5 years there is an update to amap.
The reason for this is IPv6. nmap still does not have a good IPv6 support,
e.g. UDP port scanning is not possible.
Hence for this v5.4 release in April 2011 that enhances amap to perform
better UDP IPv6 support (before only application fingerprinting did work
here, now the port scanning feature works too).
amap-5.4.tar.gz
Note that the web update feature has been disabled, as amap is outdated
and not supported anymore.
[0x00] News and Changelog
CHANGELOG for 5.4 and 5.3 (April 2011):
! This is a release to fix IPv6 UDP port scanning as no other tool
! currently exists to do that.
! Beside this, amap is outdated, and nmap should be prefered
* Fix for IPv6 introduced in v5.3
* Fixed UDP port scanning for IPv6
* Disabled web update
* added printing of [] brackets around IPv6 addresses (required)
* Fixed a bug in amapcrap that the trigger would not display correctly
Have fun!
[0x01] Introduction
Welcome to the mini website of the THC Amap project.
Amap was the first next-generation scanning tool for pentesters.
It attempts to identify applications even if they are running on a
different port than normal.
It also identifies non-ascii based applications. This is achieved
by sending trigger packets, and looking up the responses in a list
of response strings.
Currently there are two tools for this purpose: amap (you are looking
at it), and nmap (www.insecure.org/nmap).
Both have their strength and weaknesses, as they deploy different techniques.
We recommend to use both tools for reliabe identification.
[0x02] Closing words
Again, amap is outdated and not supported anymore.
Have fun using it with IPv6 though.
(Thats something which I think is pretty cool though. Amap has full
IPv6 support since February 2005!)
Comments and suggestions are welcome.
Yours sincerly,
van Hauser
The Hackers Choice
www.thc.org
gipoco.com
is neither affiliated with the authors of this page or responsible
for its contents. This is a safe-cache copy of the original web site.
gipoco.com
is neither affiliated with the authors of this page nor responsible
for its contents. This is a safe-cache copy of the original web site.