Alternatives and similar repositories for ja3

Users that are interested in ja3 are comparing it to the libraries listed below

• FoxIO-LLC / ja4
  JA4+ is a suite of network fingerprinting standards
  ☆1,337Updated 3 weeks ago
• salesforce / jarm
  ☆1,240Updated last year
• LeeBrotherston / tls-fingerprinting
  TLS Fingerprinting
  ☆388Updated 4 years ago
• cloudflare / mitmengine
  A MITM (monster-in-the-middle) detection tool. Used to build MALCOLM:
  ☆811Updated last year
• zmap / zgrab2
  Fast Application Layer Scanner
  ☆1,892Updated last week
• iagox86 / dnscat2
  ☆3,610Updated last year
• buffer / thug
  Python low-interaction honeyclient
  ☆1,016Updated last week
• droe / sslsplit
  Transparent SSL/TLS interception
  ☆1,801Updated 9 months ago
• JPCERTCC / LogonTracer
  Investigate malicious Windows logon by visualizing and analyzing Windows event log
  ☆2,911Updated last year
• stamparm / maltrail
  Malicious traffic detection system
  ☆7,030Updated this week
• CUCyber / ja3transport
  Impersonating JA3 signatures
  ☆392Updated last year
• darkoperator / dnsrecon
  DNS Enumeration Script
  ☆2,800Updated last week
• Neo23x0 / Loki
  Loki - Simple IOC and YARA Scanner
  ☆3,565Updated 7 months ago
• mandiant / flare-fakenet-ng
  FakeNet-NG - Next Generation Dynamic Network Analysis Tool
  ☆1,943Updated 2 months ago
• volatilityfoundation / volatility
  An advanced memory forensics framework
  ☆7,729Updated last month
• zmap / zmap
  ZMap is a fast single packet network scanner designed for Internet-wide network surveys.
  ☆5,818Updated 2 weeks ago
• mandiant / flare-floss
  FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
  ☆3,562Updated last week
• activecm / rita-legacy
  Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…
  ☆2,513Updated 11 months ago
• ivre / ivre
  Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run yo…
  ☆3,734Updated last week
• zeek / zeek
  Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
  ☆6,969Updated this week
• cisagov / Malcolm
  Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an…
  ☆2,143Updated this week
• NextronSystems / APTSimulator
  A toolset to make a system look as if it was the victim of an APT attack
  ☆2,610Updated 2 years ago
• Yara-Rules / rules
  Repository of yara rules
  ☆4,426Updated last year
• mitre-attack / attack-navigator
  Web app that provides basic navigation and annotation of ATT&CK matrices
  ☆2,165Updated last month
• maliceio / malice
  VirusTotal Wanna Be - Now with 100% more Hipster
  ☆1,689Updated 2 years ago
• hslatman / awesome-threat-intelligence
  A curated list of Awesome Threat Intelligence resources
  ☆8,900Updated last month
• honeytrap / honeytrap
  Advanced Honeypot framework.
  ☆1,264Updated last year
• outflanknl / RedELK
  Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term o…
  ☆2,475Updated last week
• VirusTotal / yara
  The pattern matching swiss knife
  ☆8,856Updated 3 weeks ago
• christophetd / CloudFlair
  🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
  ☆2,752Updated last month