# Finger Printing

{% hint style="info" %}
The goal is to obtain client information so we can build attacks that we know will work.
{% endhint %}

### **Phish/Watering Hole:**

Try to get the user to navigate to our webpage or maybe poison a webpage with fingerprinting code in a watering hole attack.<br>

### UserAgent Lookup:

If you can grab the user agent of a client then you can look it up at the following link.

{% embed url="<https://developers.whatismybrowser.com/useragents/parse#parse-useragent>" %}

### **Scan** TTLs:

![](https://3470586442-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-Mclm5Q336p2L-VHRAM8%2F-MiamZi9usx3FeGy7NvX%2F-Mib-3S3r4UwBQeCUljw%2Fimage.png?alt=media\&token=11e51cd6-d8e7-456e-b11a-c72f6f283284)

### Nmap NSE:

The [Nmap NSE scripts](https://www.hackbook.io/reconnaissance/active-scanning/nmap/nse) will often give fingerprinting results based off of the many ways a host machine can be identified.&#x20;