Alternatives and similar repositories for ja3:

Users that are interested in ja3 are comparing it to the libraries listed below

• FoxIO-LLC / ja4
  JA4+ is a suite of network fingerprinting standards
  ☆1,239Updated last week
• salesforce / jarm
  ☆1,218Updated last year
• LeeBrotherston / tls-fingerprinting
  TLS Fingerprinting
  ☆387Updated 4 years ago
• zmap / zgrab2
  Fast Application Layer Scanner
  ☆1,856Updated this week
• cloudflare / mitmengine
  A MITM (monster-in-the-middle) detection tool. Used to build MALCOLM:
  ☆808Updated last year
• Neo23x0 / signature-base
  YARA signature and IOC database for my scanners and tools
  ☆2,603Updated last week
• gamelinux / passivedns
  A network sniffer that logs all DNS server replies for use in a passive DNS setup
  ☆1,694Updated 10 months ago
• buffer / thug
  Python low-interaction honeyclient
  ☆1,010Updated last week
• Yara-Rules / rules
  Repository of yara rules
  ☆4,372Updated last year
• refraction-networking / utls
  Fork of the Go standard TLS library, providing low-level access to the ClientHello for mimicry purposes.
  ☆1,863Updated this week
• VirusTotal / yara-python
  The Python interface for YARA
  ☆688Updated 2 weeks ago
• mattnotmax / cyberchef-recipes
  A list of cyber-chef recipes and curated links
  ☆2,074Updated 10 months ago
• CUCyber / ja3transport
  Impersonating JA3 signatures
  ☆386Updated last year
• activecm / rita-legacy
  Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…
  ☆2,509Updated 9 months ago
• darkoperator / dnsrecon
  DNS Enumeration Script
  ☆2,759Updated this week
• p0f / p0f
  p0f unofficial git repo
  ☆489Updated 5 years ago
• VirusTotal / yara
  The pattern matching swiss knife
  ☆8,721Updated 2 weeks ago
• Ne0nd0g / merlin
  Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
  ☆5,222Updated last week
• maliceio / malice
  VirusTotal Wanna Be - Now with 100% more Hipster
  ☆1,682Updated 2 years ago
• CaliDog / certstream-python
  Python library for connecting to CertStream
  ☆443Updated 9 months ago
• honeytrap / honeytrap
  Advanced Honeypot framework.
  ☆1,249Updated last year
• salesforce / hassh
  HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints…
  ☆540Updated last year
• zeek / zeek
  Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
  ☆6,809Updated this week
• ptresearch / AttackDetection
  Attack Detection
  ☆1,353Updated 2 years ago
• arkime / arkime
  Arkime is an open source, large scale, full packet capturing, indexing, and database system.
  ☆6,603Updated this week
• thinkst / canarytokens
  Canarytokens helps track activity and actions on your network.
  ☆1,833Updated last week
• iagox86 / dnscat2
  ☆3,568Updated last year
• mandiant / flare-fakenet-ng
  FakeNet-NG - Next Generation Dynamic Network Analysis Tool
  ☆1,895Updated 2 weeks ago
• JPCERTCC / LogonTracer
  Investigate malicious Windows logon by visualizing and analyzing Windows event log
  ☆2,879Updated 10 months ago
• mitre / cti
  Cyber Threat Intelligence Repository expressed in STIX 2.0
  ☆1,840Updated this week