Skip to main content

Crate truestack

Crate truestack 

Source
Expand description

§truestack — Security-aware technology fingerprinting

Security-aware technology fingerprinting for web servers.

Unlike traditional fingerprinting tools that report what the version string claims, truestack is designed to determine the true security posture of a target — including detection of backported patches, behavioural differential probing, and CVE correlation.

§Core capabilities

  • YAML-driven rule engine — signal-based detection from HTTP headers, response bodies, and cookies. Ship your own rules or use the embedded set.
  • Security header auditing — checks for HSTS, CSP, X-Frame-Options and friends, including deep CSP bypass analysis (15 known bypass domains).
  • Favicon hashing — Shodan-compatible MurmurHash3 for cross-service pivot (http.favicon.hash:{value}).
  • Version extraction — parses Server, X-Powered-By, and other headers to extract semver-style version strings.

§Quick start

use truestack::fingerprints;

let headers = vec![
    ("Server".to_string(), "nginx/1.21.0".to_string()),
];
let techs = fingerprints::detect(&headers, "");
assert_eq!(techs[0].name, "nginx");
assert_eq!(techs[0].version.as_deref(), Some("1.21.0"));

Re-exports§

pub use types::HeaderEvidence;
pub use types::TechCategory;
pub use types::Technology;

Modules§

behavior
Behavioral HTTP fingerprinting — identifies servers by HOW they respond to malformed/unusual requests, not what they claim in headers.
favicon
Favicon hash computation — Shodan-compatible MurmurHash3 x86/32.
fingerprints
YAML-driven technology fingerprinting engine.
html
HTML utility functions.
implied
Implied technology detection — infer invisible technologies from visible ones.
postprocess
Post-detection processing: excludes, requires, dedup, and proxy detection.
reqwest
Local HTTP compatibility shim backed by reqwest..
security_headers
Security HTTP header auditing.
types
version_intel
Version intelligence — backport-aware version assessment.
waf
WAF detection via wafrift-detect.

Structs§

Finding
Re-export shared security finding types. A single security finding produced by any Santh tool.

Enums§

SecEvidence
Re-export shared security finding types. Concrete evidence proving a finding is real.
Severity
Re-export shared security finding types. Severity of a security finding.