§truestack
Security-aware technology fingerprinting for web servers.
Unlike traditional fingerprinting tools that report what the version string
claims, truestack is designed to determine the true security posture
of a target — including detection of backported patches, behavioural
differential probing, and CVE correlation.
§Core capabilities
- YAML-driven rule engine — signal-based detection from HTTP headers, response bodies, and cookies. Ship your own rules or use the embedded set.
- Security header auditing — checks for HSTS, CSP, X-Frame-Options and friends, including deep CSP bypass analysis (15 known bypass domains).
- Favicon hashing — Shodan-compatible MurmurHash3 for cross-service pivot (http.favicon.hash:{value}).
- Version extraction — parses Server, X-Powered-By, and other headers to extract semver-style version strings.
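How a Shodan-compatible favicon hash is derived, as an added example that is not truestack's own code: the favicon bytes are base64-encoded with a newline after every 76 characters and at the end, hashed with MurmurHash3 x86/32 (seed 0), and read as a signed 32-bit integer. The function names are hypothetical and do not reflect the favicon module's API.

```rust
/// MurmurHash3 x86/32. Added illustration, not truestack source; names are hypothetical.
fn murmur3_32(data: &[u8], seed: u32) -> u32 {
    let mix = |k: u32| k.wrapping_mul(0xcc9e_2d51).rotate_left(15).wrapping_mul(0x1b87_3593);
    let mut h = seed;
    let mut chunks = data.chunks_exact(4);
    for c in &mut chunks {
        h ^= mix(u32::from_le_bytes([c[0], c[1], c[2], c[3]]));
        h = h.rotate_left(13).wrapping_mul(5).wrapping_add(0xe654_6b64);
    }
    // Tail: 1-3 leftover bytes, little-endian, mixed without the rotate/add step.
    let tail = chunks.remainder();
    if !tail.is_empty() {
        let k = tail.iter().enumerate().fold(0u32, |k, (i, b)| k | (*b as u32) << (8 * i));
        h ^= mix(k);
    }
    h ^= data.len() as u32;
    h = (h ^ (h >> 16)).wrapping_mul(0x85eb_ca6b);
    h = (h ^ (h >> 13)).wrapping_mul(0xc2b2_ae35);
    h ^ (h >> 16)
}

/// Base64 with '\n' after every 76 output chars and at the end (Python `base64.encodebytes`).
fn base64_mime(data: &[u8]) -> String {
    const T: &[u8; 64] = b"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    let mut out = String::new();
    for line in data.chunks(57) { // 57 input bytes -> 76 output chars
        for g in line.chunks(3) {
            let byte = |i: usize| *g.get(i).unwrap_or(&0) as u32;
            let n = byte(0) << 16 | byte(1) << 8 | byte(2);
            for i in 0..4 {
                // A group of len bytes yields len + 1 symbols; the rest is '=' padding.
                let sym = T[((n >> (18 - 6 * i)) & 63) as usize] as char;
                out.push(if i <= g.len() { sym } else { '=' });
            }
        }
        out.push('\n');
    }
    out
}

/// Signed 32-bit value for http.favicon.hash:{value} (seed 0, hash of wrapped base64 text).
fn shodan_favicon_hash(favicon: &[u8]) -> i32 {
    murmur3_32(base64_mime(favicon).as_bytes(), 0) as i32
}

fn main() {
    let icon = [0u8; 100]; // constructed placeholder bytes, not a real favicon
    println!("http.favicon.hash:{}", shodan_favicon_hash(&icon));
}
```

Hashing the raw bytes, or base64 without the line breaks, gives a different value that will not match Shodan's index, which is the usual reason a favicon lookup for your own assets returns nothing.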
§Quick start
use truestack::fingerprints;

let headers = vec![
    ("Server".to_string(), "nginx/1.21.0".to_string()),
];
let techs = fingerprints::detect(&headers, "");
assert_eq!(techs[0].name, "nginx");
assert_eq!(techs[0].version.as_deref(), Some("1.21.0"));

Modules§
- favicon: Favicon hash computation — Shodan-compatible MurmurHash3 x86/32.
- fingerprints: YAML-driven technology fingerprinting engine.
- html: HTML utility functions.
- security_headers: Security HTTP header auditing.
Structs§
- HeaderEvidence: Evidence attached to a HeaderFinding.
- HeaderFinding: A security-relevant finding produced by header or configuration analysis.
- Technology: A detected technology fingerprint.
Enums§
- Severity: Severity level for a security finding.
- TechCategory: Broad category for a detected technology.