Alternatives and similar repositories for ja4tscan

Users that are interested in ja4tscan are comparing it to the libraries listed below

• adulau / HHHash
  HTTP Headers Hashing (HHHash) is a technique used to create a fingerprint of an HTTP server based on the headers it returns.
  ☆79Updated 2 years ago
• c2links / NoWhere2Hide
  C2 Active Scanner
  ☆59Updated last year
• referefref / honeydet
  Signature based honeypot detector tool written in Golang
  ☆107Updated 9 months ago
• tstromberg / sunlight
  Linux #rootkit and #malware revealer
  ☆30Updated last year
• reecdeep / segugio
  Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…
  ☆150Updated last year
• fox-it / skrapa
  A zero dependency and customizable Python library for scanning Windows and Linux process memory.
  ☆66Updated last year
• closed-systems / strangerstrings
  A little tool to filter the stranger strings from a binary so you can analyze the good ones
  ☆52Updated 3 months ago
• vanhoefm / tunneltester
  ☆75Updated 5 months ago
• Velocidex / Linpmem
  Linpmem is a linux memory acquisition tool
  ☆95Updated 6 months ago
• montysecurity / YaraMonitor
  Framework for Monitoring File Ingestion Source for Yara Matches
  ☆50Updated 9 months ago
• hdm / ctail
  Tail Certificate Transparency logs and extract hostnames
  ☆126Updated 6 months ago
• google / facade
  ☆136Updated 5 months ago
• referefref / modpot
  Modular web-application honeypot platform built using go and gin
  ☆63Updated last year
• StrangerealIntel / Shadow-Pulse
  information about ransomware groups (Ransomware Analysis Notes)
  ☆40Updated 2 years ago
• michelcrypt4d4mus / yaralyzer
  Visually inspect and force decode YARA and regex matches found in both binary and text data with colors. Lots of colors.
  ☆144Updated 3 weeks ago
• 0x4D31 / finch
  Fingerprint-aware TLS reverse proxy. Use Finch to outsmart bad traffic—collect client fingerprints (JA3, JA4 +QUIC, JA4H, HTTP/2) and act…
  ☆284Updated last month
• Sh1n0g1 / z9
  PowerShell Script Analyzer
  ☆70Updated 2 years ago
• blackhillsinfosec / GoSpoof
  Rebuild of portspoof in GO with additional features.
  ☆26Updated 2 months ago
• bobby-tablez / TTP-Threat-Feeds
  Threat feeds designed to extract adversarial TTPs and IOCs, using: ✨AI✨
  ☆40Updated last week
• LOLESXi-Project / LOLESXi
  LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…
  ☆142Updated 3 weeks ago
• kunai-project / sandbox
  Sandbox samples and monitor them with kunai
  ☆29Updated 6 months ago
• markkcc / crxaminer
  Examine Chrome extensions for security issues
  ☆90Updated last month
• moval0x1 / NoDelete
  NoDelete is a tool that assists in malware analysis by locking a folder where malware drops files before deleting them.
  ☆49Updated last month
• RussianPanda95 / Configuration_extractors
  Configuration Extractors for Malware
  ☆121Updated 8 months ago
• yaaras / honeybee
  Create honeypots for cloud environments
  ☆108Updated 3 months ago
• volexity / GoResolver
  GoResolver is a Go analysis tool using both Go symbol extraction and Control Flow Graph (CFG) similarity to identify and resolve the func…
  ☆75Updated 4 months ago
• ANSSI-FR / orc2timeline
  orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them
  ☆34Updated 6 months ago
• 0x534a / dynmx
  Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!
  ☆82Updated 2 years ago
• ManuelBerrueta / urlyzer
  urlyzer is a URL parsing analysis tool.
  ☆24Updated last year
• hackerschoice / bpfhacks
  eBPF hacks
  ☆193Updated last year