Alternatives and similar repositories for ja3

Users that are interested in ja3 are comparing it to the libraries listed below

• FoxIO-LLC / ja4
  JA4+ is a suite of network fingerprinting standards
  ☆1,504Updated last week
• salesforce / jarm
  ☆1,258Updated 2 years ago
• LeeBrotherston / tls-fingerprinting
  TLS Fingerprinting
  ☆392Updated 4 years ago
• zmap / zgrab2
  Fast Application Layer Scanner
  ☆1,949Updated this week
• activecm / rita-legacy
  Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…
  ☆2,514Updated last year
• refraction-networking / utls
  Fork of the Go standard TLS library, providing low-level access to the ClientHello for mimicry purposes.
  ☆2,029Updated last month
• cloudflare / mitmengine
  A MITM (monster-in-the-middle) detection tool. Used to build MALCOLM:
  ☆811Updated last year
• cisagov / Malcolm
  Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an…
  ☆2,216Updated last week
• salesforce / hassh
  HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints…
  ☆541Updated 4 months ago
• NikolaiT / zardaxt
  Passive TCP/IP Fingerprinting Tool. Run this on your server and find out what Operating Systems your clients are *really* using.
  ☆377Updated last year
• buffer / thug
  Python low-interaction honeyclient
  ☆1,020Updated this week
• CaliDog / certstream-python
  Python library for connecting to CertStream
  ☆457Updated last year
• thinkst / canarytokens
  Canarytokens helps track activity and actions on your network.
  ☆1,930Updated this week
• Yara-Rules / rules
  Repository of yara rules
  ☆4,521Updated last year
• Neo23x0 / signature-base
  YARA signature and IOC database for my scanners and tools
  ☆2,738Updated this week
• Srinivas11789 / PcapXray
  PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highli…
  ☆1,777Updated 3 years ago
• p0f / p0f
  p0f unofficial git repo
  ☆500Updated 6 years ago
• honeytrap / honeytrap
  Advanced Honeypot framework.
  ☆1,270Updated last year
• Velocidex / velociraptor
  Digging Deeper....
  ☆3,466Updated this week
• InQuest / awesome-yara
  A curated list of awesome YARA rules, tools, and people.
  ☆3,978Updated 5 months ago
• VirusTotal / yara-python
  The Python interface for YARA
  ☆707Updated 3 months ago
• mandiant / flare-fakenet-ng
  FakeNet-NG - Next Generation Dynamic Network Analysis Tool
  ☆1,996Updated last week
• mandiant / flare-floss
  FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
  ☆3,691Updated 2 weeks ago
• 0x4D31 / fatt
  FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network …
  ☆674Updated last year
• GoSecure / pyrdp
  RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact
  ☆1,724Updated last month
• alphasoc / flightsim
  A utility to safely generate malicious network traffic patterns and evaluate controls.
  ☆1,325Updated last year
• MISP / misp-warninglists
  Warning lists to inform users of MISP about potential false-positives or other information in indicators
  ☆586Updated this week
• yeti-platform / yeti
  Your Everyday Threat Intelligence
  ☆1,904Updated last month
• droe / sslsplit
  Transparent SSL/TLS interception
  ☆1,821Updated last year
• DinoTools / dionaea
  Home of the dionaea honeypot
  ☆770Updated last year