By comparing the OS inferred from TCP/IP headers to the reported User-Agent, it can help identify when a user is attempting to hide their true operating system.
Unlike active tools (like Nmap) that send packets to a target, Zardaxt is entirely passive, meaning it does not generate additional traffic that could alert a target system or security measures.
If you need to look up a specific IP address, use the ip parameter together with the API key:
Being an open-source tool, its accuracy relies on continuous updates from the community to recognize new TCP/IP stack behaviors in modern operating systems.
You need to run Zardaxt with root privileges to capture raw network packets.
When you hit this scoring link, Zardaxt generates a response with specific calculated scores. Let's break down a real-world example of JSON output from the classifier: