Skip to content

Scanning Engine v2 - Module - Fortinet

Overview

Targeting

Schemas

The schema for the body object of all results generated with .task.module_name equal to fortinet can be found here. The schema for results is available both in standalone and bundled form.

Examples

These are examples of the .body object for results with .task.module_name equal to fortinet.

Live Host

This example was generated with a live host on the internet.

{
  "name": "Fortinet FortiGate SSL VPN",
  "url": "https://12.191.121.106/remote/login",
  "evidence": [],
  "redirects": [
    "https://12.191.121.106/remote/login?lang=en"
  ],
  "fingerprinting": {
    "evidence": [
      {
        "path": "/lang/x-sjis.json",
        "hash": "fede54cca1bc2eeb979398b6668b3e6d1851f20b890ffda7ebaf60d80c1d476f",
        "versions": 1,
        "matches": [
          "/lang/x-sjis.json"
        ],
        "tag": "shared"
      }
    ],
    "versions": [
      {
        "version": "7.4.0.F",
        "date": "2023-05-09"
      }
    ],
    "interface": "sslvpn"
  }
}

Changelog

v1.0.3 (2026-01-28)

  • Fixed bug where some redirects were followed but not included in the result.
  • Fixed bug where the interface type was not included in the result even when it was known.

v1.0.2 (2025-06-02)

  • Added enhanced serial number detection for Fortinet devices via X.509 certificates. The module now maps device serial numbers found in certificate Common Name fields to specific Fortinet product names, improving device identification accuracy.

v1.0.1 (2025-05-26)

  • Removed header detection for X-Frame-Options, Content-Security-Policy, and X-XSS-Protection headers due to false positives. These headers are commonly used by many web applications and were causing incorrect FortiGate identifications.

v1.0.0 (2025-05-05)

  • Initial release of versioning for each module. All modules are being tagged with version number 1.0.0. Going forward:
  • Major version should be changed when there are changes that impact consumers or clients of the modules.
  • Minor version should be changed when there are additions which enrich or enhance the module but shouldn't affect consumers or clients.
  • Patch version should be changed when there are bugfixes.