Alternatives and similar repositories for ja3

Users that are interested in ja3 are comparing it to the libraries listed below

• FoxIO-LLC / ja4
  JA4+ is a suite of network fingerprinting standards
  ☆1,572Updated last week
• salesforce / jarm
  ☆1,263Updated 2 years ago
• LeeBrotherston / tls-fingerprinting
  TLS Fingerprinting
  ☆394Updated 5 years ago
• cloudflare / mitmengine
  A MITM (monster-in-the-middle) detection tool. Used to build MALCOLM:
  ☆812Updated last year
• p0f / p0f
  p0f unofficial git repo
  ☆501Updated 6 years ago
• zmap / zgrab2
  Fast Application Layer Scanner
  ☆1,975Updated last week
• NikolaiT / zardaxt
  Passive TCP/IP Fingerprinting Tool. Run this on your server and find out what Operating Systems your clients are *really* using.
  ☆380Updated 2 years ago
• activecm / rita-legacy
  Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…
  ☆2,509Updated last year
• Neo23x0 / signature-base
  YARA signature and IOC database for my scanners and tools
  ☆2,770Updated this week
• cisagov / Malcolm
  Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an…
  ☆2,255Updated 3 weeks ago
• buffer / thug
  Python low-interaction honeyclient
  ☆1,021Updated last week
• droe / sslsplit
  Transparent SSL/TLS interception
  ☆1,824Updated last year
• iagox86 / dnscat2
  ☆3,722Updated last year
• mandiant / flare-floss
  FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
  ☆3,748Updated last week
• SigmaHQ / sigma
  Main Sigma Rule Repository
  ☆9,719Updated this week
• VirusTotal / yara
  The pattern matching swiss knife
  ☆9,157Updated last week
• salesforce / hassh
  HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints…
  ☆541Updated 5 months ago
• Neo23x0 / yarGen
  yarGen is a generator for YARA rules
  ☆1,728Updated 2 weeks ago
• DidierStevens / DidierStevensSuite
  Please no pull requests for this repository. Thanks!
  ☆2,336Updated last week
• mandiant / flare-fakenet-ng
  FakeNet-NG - Next Generation Dynamic Network Analysis Tool
  ☆2,015Updated last month
• Neo23x0 / Loki
  Loki - Simple IOC and YARA Scanner
  ☆3,664Updated last month
• Yara-Rules / rules
  Repository of yara rules
  ☆4,560Updated last year
• InQuest / awesome-yara
  A curated list of awesome YARA rules, tools, and people.
  ☆4,044Updated 7 months ago
• fooinha / nginx-ssl-ja3
  nginx module for SSL/TLS ja3 fingerprint.
  ☆213Updated 7 months ago
• MISP / MISP
  MISP (core software) - Open Source Threat Intelligence and Sharing Platform
  ☆5,968Updated last week
• arkime / arkime
  Arkime is an open source, large scale, full packet capturing, indexing, and database system.
  ☆7,156Updated this week
• Srinivas11789 / PcapXray
  PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highli…
  ☆1,780Updated 3 years ago
• ssdeep-project / ssdeep
  Fuzzy hashing API and fuzzy hashing tool
  ☆754Updated last month
• mitre / caldera
  Automated Adversary Emulation Platform
  ☆6,493Updated last week
• kevoreilly / CAPEv2
  Malware Configuration And Payload Extraction
  ☆2,760Updated this week