AgentSkillsCN

Framework Fingerprinting

框架指纹识别

SKILL.md

Framework Fingerprinting Skill

Purpose

Identifies the technology stack (programming language, framework, web server, cloud provider) of an API by analyzing HTTP response headers, error pages, default endpoints, and response patterns.

Detection Rules

Language Detection

LanguageHeader/IndicatorDetection Pattern
JavaX-Application-ContextSpring Boot
JavaX-Java-VersionJVM version exposed
JavaServer contains TomcatApache Tomcat
JavaServer contains JettyEclipse Jetty
JavaCookie JSESSIONIDJava Servlet container
PythonServer: gunicornGunicorn WSGI
PythonServer: uvicornUvicorn ASGI
PythonServer: WSGIServerDjango dev server
PythonServer: daphneDjango Channels
Node.jsX-Powered-By: ExpressExpress.js
Node.jsX-Powered-By: Next.jsNext.js API routes
Node.jsX-Powered-By: FastifyFastify
.NETServer: KestrelASP.NET Core
.NETX-AspNet-VersionASP.NET Framework
.NETX-AspNetMvc-VersionASP.NET MVC
.NETX-Powered-By: ASP.NETASP.NET
GoServer: GoGo net/http
GoNo Server + small responseGo minimal server
RubyServer: PumaPuma (Rails)
RubyServer: UnicornUnicorn (Rails)
RubyX-Runtime headerRails
PHPX-Powered-By: PHPPHP version
PHPServer: Apache + PHPPHP on Apache
RustServer: ActixActix Web
RustServer: WarpWarp framework

Framework Detection

FrameworkDetection Method
Spring BootX-Application-Context header
Spring Boot/actuator/health returns JSON
Spring Boot/actuator/info returns JSON
Spring Boot/v3/api-docs returns OpenAPI
Djangocsrftoken cookie
DjangoServer: WSGIServer
Django RESTDefault browsable API HTML page
FastAPI/docs returns Swagger UI
FastAPI/redoc returns ReDoc
FastAPI/openapi.json returns spec
FlaskServer: Werkzeug
ExpressX-Powered-By: Express
NestJSX-Powered-By: Express + structured errors
ASP.NET CoreServer: Kestrel
RailsX-Runtime + X-Request-Id headers
Laravellaravel_session cookie
GinServer: Gin or minimal Go server
FiberServer: Fiber

Web Server / Reverse Proxy Detection

ServerHeader Pattern
NginxServer: nginx or Server: nginx/1.x
ApacheServer: Apache or Server: Apache/2.x
IISServer: Microsoft-IIS
CaddyServer: Caddy
TraefikCustom headers or default error page
HAProxyVia header or custom headers
EnvoyServer: envoy or x-envoy-* headers

Cloud / Infrastructure Detection

ProviderHeader / Pattern
AWSX-Amz-* or X-Amzn-* headers
AWS API Gatewayx-amzn-RequestId, x-amz-apigw-id
AWS LambdaX-Amzn-Trace-Id
AWS CloudFrontX-Cache, Via: cloudfront
AWS ALBX-Amzn-Trace-Id with ELB pattern
AzureX-Azure-* headers
Azure API MgmtOcp-Apim-* headers
Azure App ServiceX-Ms-* headers
GCPX-Cloud-Trace-Context
GCP Cloud RunX-Cloud-Trace-Context + short cold starts
CloudflareCF-RAY, cf-* headers
VercelX-Vercel-* headers
HerokuVia: heroku, X-Request-Id pattern
NetlifyX-NF-Request-ID

API Gateway Detection

GatewayDetection Method
KongVia: kong/x.x, X-Kong-* headers
ApigeeX-Apigee-* headers
MulesoftX-Mule-* headers
TykX-Tyk-* headers
AWS API Gatewayx-amzn-RequestId format
Azure APIMOcp-Apim-Subscription-Key requirement

Fingerprinting Process

python
def fingerprint(headers, url, status_code, body):
    result = {
        "language": detect_language(headers),
        "framework": detect_framework(headers, url, body),
        "server": detect_server(headers),
        "cloud": detect_cloud(headers),
        "api_gateway": detect_gateway(headers),
        "confidence": 0.0,
        "indicators": [],
    }

    # Calculate confidence based on indicators matched
    indicators = len(result["indicators"])
    result["confidence"] = min(indicators * 0.2, 1.0)

    return result

Endpoint Probing

For deeper detection, optionally probe:

EndpointDetects
/actuator/healthSpring Boot
/actuator/infoSpring Boot version
/docsFastAPI
/swagger-ui/Spring Boot + Swagger
/__healthVarious
/healthzKubernetes
/metricsPrometheus endpoint
/debug/varsGo debug

Output Format

json
{
  "technology": {
    "language": "java",
    "language_version": "",
    "framework": "spring-boot",
    "framework_version": "3.2.0",
    "server": "nginx",
    "server_version": "1.24",
    "cloud": "aws",
    "cloud_services": ["api-gateway", "lambda"],
    "api_gateway": "kong",
    "container_platform": "kubernetes",
    "confidence": 0.85,
    "indicators": [
      "X-Application-Context header (Spring Boot)",
      "/actuator/health returns 200 (Spring Boot)",
      "Server: nginx (Nginx reverse proxy)",
      "X-Amzn-Trace-Id (AWS infrastructure)"
    ]
  }
}