Toggle Side Panel
Close search

Zardaxt isn't an operating system itself—it is a designed to reveal the true operating system of any device that connects to your server. By analyzing only the very first incoming SYN packet of a TCP three‑way handshake, Zardaxt infers the client’s operating system without any active probing. It was created as a modern, maintainable alternative to older tools such as p0f and satori.py, whose fingerprint databases had become outdated.

"avgScoreOsClass": "Android": "avg=6.27, N=779", "Linux": "avg=4.99, N=422", "Windows": "avg=2.64, N=1019", "iOS": "avg=3.66, N=447" , "bestNGuesses": [ "os": "Android", "score": "9.0/10", "os": "Android", "score": "9.0/10", "os": "Android", "score": "9.0/10" ]

Most Zardaxt scoring links are hosted within their private Discord server to ensure only verified users are submitting data.

Unlike active fingerprinting tools (like Nmap ), which aggressively probe a client with custom packets to see how it responds, operates entirely invisibly. It simply listens to incoming traffic. Zardaxt reads the raw byte headers of standard traffic without altering data packets or alerting the client. Key TCP/IP Metrics Analyzed by Zardaxt

For developers, security analysts, and system administrators who need to know the operating system behind every TCP connection, Zardaxt’s scoring link is an indispensable tool.

Zardaxt is often compared to other popular passive fingerprinting tools:

As the sun dipped below the horizon, Eira approached Mr. Zarda once more. "Master, I think I've found something incredible," she said, her voice trembling with excitement. "A lost manuscript, hidden away for centuries, with an Os score of 9.5!"

: You can examine the specific scoring implementation in the zardaxt_utils.py file on GitHub .

Zardaxt is a specialized open-source tool used for Passive TCP/IP Fingerprinting

is a passive TCP/IP fingerprinting methodology designed to identify a client’s true operating system by analyzing network packet headers. Developed by security researcher NikolaiT (Incolumitas), the Python-based implementation acts as a deep-packet analysis framework. It evaluates the parameters of the very first SYN packet in a TCP three-way handshake.

The Zardaxt OS Scoring Link works by running a series of tests on the operating system being evaluated. These tests cover a wide range of parameters, including:

: It can be used to monitor network health without intrusive scanning. 📊 The Scoring and Matching Logic

func main() link := "zardaxt://scoring/v3/evaluate?model_id=fraud&apikey=abc123" score, err := client.Score(link, []byte( "ip":"1.2.3.4" ))

Report

Harassment or bullying behavior
Contains mature or sensitive content
Contains misleading or false information
Contains abusive or derogatory content
Contains spam, fake content or potential malware

Block Member?

Please confirm you want to block this member.

You will no longer be able to:

  • See blocked member's posts
  • Mention this member in posts
  • Invite this member to groups
  • Message this member
  • Add this member as a connection

Please note: This action will also remove this member from your connections and send a report to the site admin. Please allow a few minutes for this process to complete.

Report

You have already reported this .