Alternatives and similar repositories for ja3

Users that are interested in ja3 are comparing it to the libraries listed below

• trisulnsm / ja3prints
  JA3 TLS Fingerprint database
  ☆79Updated 5 years ago
• salesforce / GQUIC_Protocol_Analyzer
  GQUIC Protocol Analyzer for Zeek (Bro) Network Security Monitor
  ☆78Updated last year
• xnih / satori
  Python rewrite of passive OS fingerprinting tool
  ☆176Updated 2 months ago
• D4-project / BGP-Ranking
  BGP ranking is a free software to calculate the security ranking of Internet Service Provider (ASN)
  ☆73Updated last year
• fox-it / OpenSSH-Network-Parser
  Project to decrypt and parse SSH traffic
  ☆66Updated 4 years ago
• PaloAltoNetworks / pyjarm
  pyJARM is a library for doing JARM fingerprinting using python
  ☆50Updated 3 months ago
• D4-project / IPASN-History
  IP ASN History to find ASN announcing an IP and the closest prefix announcing it at a specific date
  ☆94Updated last month
• m-chrome / py-suricataparser
  Pure python parser for Snort/Suricata rules.
  ☆33Updated last year
• corelight / ripple20
  A Zeek package for the passive detection of "Ripple20" vulnerabilities in the Treck TCP/IP stack.
  ☆33Updated 3 years ago
• spyre-project / spyre
  simple YARA-based IOC scanner
  ☆169Updated this week
• regit / suriwire
  Wireshark plugin to display Suricata analysis info
  ☆95Updated 3 years ago
• StamusNetworks / suricata-language-server
  Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…
  ☆74Updated 3 weeks ago
• CERT-Polska / hfinger
  Hfinger - fingerprinting HTTP requests
  ☆139Updated 2 years ago
• stratosphereips / yara-rules
  Repository of Yara rules created by the Stratosphere team
  ☆26Updated 4 years ago
• Rafiot / pdfid
  Clone of PDFiD by Didier Stevens, as a package and with some improvements.
  ☆38Updated 9 years ago
• muzuiget / mitmpcap
  export mitmproxy traffic to PCAP file
  ☆57Updated last year
• sandflysecurity / sandfly-file-decloak
  Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.
  ☆25Updated 2 years ago
• kryptoslogic / rdppot
  RDP honeypot
  ☆67Updated 6 years ago
• Polydet / polydet
  Polyglot detector
  ☆21Updated last month
• OISF / suricata-intel-index
  Suricata rule and intel index
  ☆31Updated last week
• FoxIO-LLC / ja4tscan
  JA4TScan is an active TCP server fingerprinting tool.
  ☆84Updated 10 months ago
• REMnux / salt-states
  This repository maintains the SaltStack state files for the REMnux distro.
  ☆49Updated last week
• salesforce / bro-sysmon
  How to Zeek Sysmon Logs!
  ☆102Updated 3 years ago
• certego / PcapMonkey
  PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.
  ☆155Updated 3 months ago
• OISF / suricata-verify
  Suricata Verification Tests - Testing Suricata Output
  ☆111Updated this week
• Te-k / pycrtsh
  Python 3 library to request https://crt.sh/
  ☆33Updated 2 months ago
• Yara-Rules / yara-endpoint
  Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.
  ☆109Updated 7 years ago
• sandialabs / gait
  Zeek Extension to Collect Metadata for Profiling of Endpoints and Proxies
  ☆34Updated last year
• Cymmetria / ciscoasa_honeypot
  A low interaction honeypot for the Cisco ASA component capable of detecting CVE-2018-0101, a DoS and remote code execution vulnerability.
  ☆52Updated 6 years ago
• 0xrawsec / gene-rules
  ☆41Updated 2 years ago