How to install project-memoria-detector on Ubuntu?

Install Python 3.7.7 or higher and Scapy 2.4.3+ using pip with 'pip install -r requirements.txt'. Run the script with sudo, as root privileges are required for packet manipulation via Scapy.

What TCP/IP stacks does project-memoria-detector detect?

It detects 16 embedded stacks including uIP/Contiki, lwIP, FreeBSD, and others listed in the README, specifically those with known vulnerabilities from Project Memoria research, but not common desktop OS stacks.

Is project-memoria-detector safe to use on production networks?

No, the tool sends malformed packets that can disrupt or crash devices, so the README warns against use on live, mission-critical systems and recommends lab testing or maintenance windows only.

How accurate is the fingerprinting in project-memoria-detector?

Accuracy varies by method and stack, with certainty scoring (High, Medium, Low) to indicate confidence. Cross-protocol checks improve reliability, but false positives or negatives can occur due to device variations.

project-memoria-detector vs Nmap for stack fingerprinting?

While Nmap offers general OS detection, project-memoria-detector specializes in embedded TCP/IP stacks with active, multi-method fingerprinting and certainty scoring, making it more targeted for IoT security assessments but riskier and less broad.

Can I use project-memoria-detector for commercial purposes?

No, the license prohibits using the tool or its modifications in commercial derivative works, allowing only personal, governmental, or non-profit use without financial benefit from sales or services.

project-memoria-detector — TCP/IP Stack Fingerprinting

What is project-memoria-detector?

project-memoria-detector is a Python-based network security tool that actively fingerprints embedded TCP/IP stacks on network devices. It helps identify which specific stack a device is running, which is crucial for assessing vulnerability exposure since many embedded stacks have known security flaws. The tool was developed as part of Project Memoria research that uncovered vulnerabilities in multiple TCP/IP implementations.

Target Audience

Security researchers, penetration testers, and network administrators who need to assess embedded devices and IoT systems for vulnerable TCP/IP stack implementations.

Value Proposition

It provides a specialized, multi-method approach to fingerprinting 16 different embedded TCP/IP stacks with confidence scoring, unlike generic network scanners. The tool is specifically designed for the security assessment needs identified during Project Memoria research.

Overview

project-memoria-detector is a network security tool designed to identify which embedded TCP/IP stack a target device is running. It was developed as part of Project Memoria research, which discovered vulnerabilities in multiple embedded stacks. The tool helps security researchers and network administrators assess devices for potential exposure to known stack-specific vulnerabilities.

Key Features

Multi-Protocol Fingerprinting — Uses ICMP probing, TCP options analysis, TCP Urgent flag handling, and service banner checking (HTTP, SSH, FTP) to identify stacks.
16 Supported Stacks — Detects uIP/Contiki, picoTCP, Nut/Net, FNET, Nucleus NET, CycloneTCP, NDKTCPIP, uC/TCP-IP, MPLAB Harmony Net, NicheStack, FreeBSD, Microsoft ThreadX, CMX TCP/IP, emNet, Keil TCP/IP, and lwIP.
Certainty Scoring — Reports match confidence as High, Medium, Low, No match, or No reply for each fingerprinting method.
Bulk Scanning — Supports scanning IP ranges via CIDR notation or input files for efficient network assessment.
Safety-Focused Design — Includes warnings about potential device crashes and recommends lab testing rather than use on mission-critical systems.

Philosophy

The tool prioritizes accurate identification of embedded TCP/IP stacks through multiple active fingerprinting methods while emphasizing responsible usage in controlled environments to avoid disrupting critical infrastructure.

project-memoria-detector

What is project-memoria-detector?

Overview

Key Features

Philosophy

Related Projects

Found a gem we're missing?

Use Cases

Best For

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions