Scannerl is a modular distributed fingerprinting engine implemented by Kudelski Security. Scannerl can fingerprint thousands of targets on a single host, but can just as easily be distributed across multiple hosts. Scannerl is to fingerprinting what zmap is to port scanning.
Scannerl works on Debian/Ubuntu (but will probably work on other distributions as well). It uses a master/slave architecture where the master node will distribute the work (host(s) to fingerprint) to its slaves (local or remote). The entire deployment is transparent to the user.
Why use Scannerl?
When using conventional fingerprinting tools for large-scale analysis, security researchers will often hit two limitations: first, these tools are typically built for scanning comparatively few hosts at a time and are inappropriate for large ranges of IP addresses. Second, if large range of IP addresses protected by IPS devices are being fingerprinted, the probability of being blacklisted is higher what could lead to an incomplete set of information. Scannerl is designed to circumvent these limitations, not only by providing the ability to fingerprint multiple hosts simultaneously, but also by distributing the load across an arbitrary number of hosts. Scannerl also makes the distribution of these tasks completely transparent, which makes setup and maintenance of large-scale fingerprinting projects trivial; this allows to focus on the analyses rather than the herculean task of managing and distributing fingerprinting processes by hand. In addition to the speed factor, scannerl has been designed to allow to easily set up specific fingerprinting analyses in a few lines of code. Not only is the creation of a fingerprinting cluster easy to set up, but it can be tweaked by adding fine-tuned scans to your fingerprinting campaigns.
It is the fastest tool to perform large scale fingerprinting campaigns.
+ erlang v1.8 higher
Use and build:
sudo apt install erlang rebar
git clone https://github.com/kudelskisecurity/scannerl && cd scannerl