Alternatives and similar repositories for ja4

Users that are interested in ja4 are comparing it to the libraries listed below

• salesforce / ja3
  JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.
  ☆3,018Updated 5 months ago
• NikolaiT / zardaxt
  Passive TCP/IP Fingerprinting Tool. Run this on your server and find out what Operating Systems your clients are *really* using.
  ☆380Updated last year
• salesforce / jarm
  ☆1,263Updated 2 years ago
• VirusTotal / yara-x
  A rewrite of YARA in Rust.
  ☆901Updated this week
• fooinha / nginx-ssl-ja3
  nginx module for SSL/TLS ja3 fingerprint.
  ☆213Updated 7 months ago
• FoxIO-LLC / ja4-nginx-module
  Nginx module that calcuates fingerprints from the JA4+ suite
  ☆76Updated 3 weeks ago
• 0x4D31 / galah
  Galah: An LLM-powered web honeypot.
  ☆598Updated 3 months ago
• kunai-project / kunai
  Threat-hunting tool for Linux
  ☆986Updated 2 months ago
• wi1dcard / fingerproxy
  Fingerproxy is an HTTPS reverse proxy. It creates JA3, JA4, Akamai HTTP2 fingerprints, and forwards to backend via HTTP request headers.
  ☆272Updated 5 months ago
• refraction-networking / utls
  Fork of the Go standard TLS library, providing low-level access to the ClientHello for mimicry purposes.
  ☆2,086Updated last week
• pagpeter / TrackMe
  ☆348Updated last month
• CUCyber / ja3transport
  Impersonating JA3 signatures
  ☆391Updated last year
• phuslu / nginx-ssl-fingerprint
  High performance ja3 and http2 fingerprint for nginx.
  ☆195Updated last month
• qpoint-io / qtap
  Qtap: An eBPF agent that captures pre-encrypted network traffic, providing rich context about egress connections and their originating pr…
  ☆1,356Updated last week
• cloudflare / mitmengine
  A MITM (monster-in-the-middle) detection tool. Used to build MALCOLM:
  ☆812Updated last year
• microsoft / SysmonForLinux
  Sysmon for Linux
  ☆1,981Updated 3 months ago
• fingerprintjs / BotD
  Bot detection library that runs in the browser. Detects automation tools and frameworks. No server required, runs 100% on the client. MIT…
  ☆1,308Updated last week
• zmap / zgrab2
  Fast Application Layer Scanner
  ☆1,975Updated last week
• Danny-Dasilva / CycleTLS
  Spoof TLS/JA3 fingerprints in GO and Javascript
  ☆1,187Updated 3 weeks ago
• mandiant / GoReSym
  Go symbol recovery tool
  ☆829Updated 2 months ago
• microsoft / avml
  AVML - Acquire Volatile Memory for Linux
  ☆1,005Updated this week
• bogdanfinn / tls-client
  net/http.Client like HTTP Client with options to select specific client TLS Fingerprints to use for requests.
  ☆1,285Updated last month
• d-Rickyy-b / certstream-server-go
  This project aims to be a drop-in replacement for the certstream server by Calidog. This tool aggregates, parses, and streams certificate…
  ☆162Updated 2 weeks ago
• X4BNet / lists_vpn
  Lists of VPN providers (automatically updated)
  ☆693Updated this week
• abrahamjuliot / web-fingerprinting
  web fingerprinting research
  ☆237Updated 2 years ago
• mandatoryprogrammer / thermoptic
  A next-generation HTTP stealth proxy which perfectly cloaks requests as the Chrome browser across all layers of the stack.
  ☆683Updated this week
• abrahamjuliot / creepjs
  Creepy device and browser fingerprinting
  ☆2,067Updated last month
• FoxIO-LLC / ja4tscan
  JA4TScan is an active TCP server fingerprinting tool.
  ☆92Updated last year
• nitefood / asn
  ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation / IP geolocation / IP fingerprinting / Ne…
  ☆1,762Updated 3 weeks ago
• citronneur / pamspy
  Credentials Dumper for Linux using eBPF
  ☆1,147Updated last year