Alternatives and similar repositories for ja4:

Users that are interested in ja4 are comparing it to the libraries listed below

• salesforce / ja3
  JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.
  ☆2,834Updated last year
• salesforce / jarm
  ☆1,194Updated last year
• NikolaiT / zardaxt
  Passive TCP/IP Fingerprinting Tool. Run this on your server and find out what Operating Systems your clients are *really* using.
  ☆305Updated last year
• fooinha / nginx-ssl-ja3
  nginx module for SSL/TLS ja3 fingerprint.
  ☆200Updated 4 months ago
• kunai-project / kunai
  Threat-hunting tool for Linux
  ☆431Updated last week
• CUCyber / ja3transport
  Impersonating JA3 signatures
  ☆379Updated 11 months ago
• VirusTotal / yara-x
  A rewrite of YARA in Rust.
  ☆701Updated this week
• pagpeter / TrackMe
  ☆255Updated 2 weeks ago
• 0x4D31 / galah
  Galah: An LLM-powered web honeypot.
  ☆461Updated 3 months ago
• mandiant / GoReSym
  Go symbol recovery tool
  ☆652Updated 3 months ago
• xnih / satori
  Python rewrite of passive OS fingerprinting tool
  ☆158Updated 6 months ago
• refraction-networking / utls
  Fork of the Go standard TLS library, providing low-level access to the ClientHello for mimicry purposes.
  ☆1,774Updated 2 weeks ago
• wi1dcard / fingerproxy
  Fingerproxy is an HTTPS reverse proxy. It creates JA3, JA4, Akamai HTTP2 fingerprints, and forwards to backend via HTTP request headers.
  ☆146Updated last month
• LeeBrotherston / tls-fingerprinting
  TLS Fingerprinting
  ☆381Updated 4 years ago
• fkie-cad / friTap
  Simplifying SSL/TLS traffic analysis for researchers by making SSL decryption effortless.
  ☆312Updated last week
• phuslu / nginx-ssl-fingerprint
  high performance ja3 and http2 fingerprint for nginx.
  ☆157Updated this week
• aquasecurity / traceeshark
  Deep Linux runtime visibility meets Wireshark
  ☆257Updated 2 weeks ago
• FoxIO-LLC / ja4-nginx-module
  Nginx module that calcuates fingerprints from the JA4+ suite
  ☆46Updated 2 months ago
• mozillazg / ptcpdump
  Process-aware, eBPF-based tcpdump
  ☆803Updated this week
• microsoft / avml
  AVML - Acquire Volatile Memory for Linux
  ☆901Updated this week
• quarkslab / peetch
  An eBPF playground
  ☆201Updated last year
• cloudflare / mitmengine
  A MITM (monster-in-the-middle) detection tool. Used to build MALCOLM:
  ☆810Updated 9 months ago
• CERT-Polska / karton
  Distributed malware processing framework based on Python, Redis and S3.
  ☆397Updated last week
• musana / CF-Hero
  CF-Hero is a reconnaissance tool that uses multiple data sources to discover the origin IP addresses of Cloudflare-protected web applicat…
  ☆703Updated 3 weeks ago
• Nisitay / pyp0f
  p0f v3 with impersonation spoofing, written in Python - Accurately guess the OS of a packet with passive fingerprinting.
  ☆55Updated 8 months ago
• PerimeterX / restringer
  A Javascript Deobfuscator
  ☆378Updated last month
• zmap / zgrab2
  Fast Application Layer Scanner
  ☆1,798Updated this week
• h3xduck / TripleCross
  A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
  ☆1,807Updated 9 months ago
• mosajjal / dnsmonster
  Passive DNS Capture and Monitoring Toolkit
  ☆320Updated 3 weeks ago
• gospider007 / fp
  🚀obtain the client's ja3 fingerprint, http2 fingerprint, and ja4 fingerprint
  ☆79Updated 3 weeks ago