Alternatives and similar repositories for ja3

Users that are interested in ja3 are comparing it to the libraries listed below

• FoxIO-LLC / ja4
  JA4+ is a suite of network fingerprinting standards
  ☆1,608Updated this week
• salesforce / jarm
  ☆1,269Updated 2 years ago
• LeeBrotherston / tls-fingerprinting
  TLS Fingerprinting
  ☆395Updated 5 years ago
• cloudflare / mitmengine
  A MITM (monster-in-the-middle) detection tool. Used to build MALCOLM:
  ☆812Updated last year
• zmap / zgrab2
  Fast Application Layer Scanner
  ☆1,990Updated this week
• p0f / p0f
  p0f unofficial git repo
  ☆504Updated 6 years ago
• buffer / thug
  Python low-interaction honeyclient
  ☆1,017Updated this week
• refraction-networking / utls
  Fork of the Go standard TLS library, providing low-level access to the ClientHello for mimicry purposes.
  ☆2,104Updated last month
• NikolaiT / zardaxt
  Passive TCP/IP Fingerprinting Tool. Run this on your server and find out what Operating Systems your clients are *really* using.
  ☆385Updated this week
• arkime / arkime
  Arkime is an open source, large scale, full packet capturing, indexing, and database system.
  ☆7,193Updated this week
• droe / sslsplit
  Transparent SSL/TLS interception
  ☆1,827Updated 3 weeks ago
• salesforce / hassh
  HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints…
  ☆541Updated 6 months ago
• CaliDog / certstream-python
  Python library for connecting to CertStream
  ☆464Updated last year
• cisagov / Malcolm
  Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an…
  ☆2,269Updated 2 weeks ago
• MISP / misp-warninglists
  Warning lists to inform users of MISP about potential false-positives or other information in indicators
  ☆594Updated 2 weeks ago
• thinkst / canarytokens
  Canarytokens helps track activity and actions on your network.
  ☆1,978Updated 2 weeks ago
• xnih / satori
  Python rewrite of passive OS fingerprinting tool
  ☆191Updated 6 months ago
• CUCyber / ja3transport
  Impersonating JA3 signatures
  ☆393Updated last year
• zmap / zdns
  Fast DNS Lookup Library and CLI Tool
  ☆1,040Updated this week
• activecm / rita-legacy
  Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…
  ☆2,509Updated last year
• Neo23x0 / signature-base
  YARA signature and IOC database for my scanners and tools
  ☆2,793Updated 2 weeks ago
• honeytrap / honeytrap
  Advanced Honeypot framework.
  ☆1,284Updated 2 years ago
• zeek / zeek
  Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
  ☆7,237Updated this week
• Yara-Rules / rules
  Repository of yara rules
  ☆4,580Updated last year
• iagox86 / dnscat2
  ☆3,746Updated last year
• yeti-platform / yeti
  Your Everyday Threat Intelligence
  ☆1,929Updated last week
• gamelinux / passivedns
  A network sniffer that logs all DNS server replies for use in a passive DNS setup
  ☆1,729Updated last year
• VirusTotal / yara-python
  The Python interface for YARA
  ☆715Updated 5 months ago
• ossec / ossec-hids
  OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, roo…
  ☆4,917Updated 9 months ago
• nsacyber / Mitigating-Web-Shells
  Guidance for mitigation web shells. #nsacyber
  ☆983Updated 2 years ago