P0f is an OS Fingerprinting and Forensics Tool that uses an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) Using p0f will be able to reason about application-level payloads without interfering in any way. The tool is a complete rewrite of the original codebase, incorporating a significant number of improvements to network-level fingerprinting, and introducing the ability to reason.”]
Source: https://gbhackers.com/os-fingerprinting-forensics-tool/