Alternatives and similar repositories for ja3

Users that are interested in ja3 are comparing it to the libraries listed below

• FoxIO-LLC / ja4
  JA4+ is a suite of network fingerprinting standards
  ☆1,425Updated this week
• salesforce / jarm
  ☆1,247Updated 2 years ago
• LeeBrotherston / tls-fingerprinting
  TLS Fingerprinting
  ☆389Updated 4 years ago
• cloudflare / mitmengine
  A MITM (monster-in-the-middle) detection tool. Used to build MALCOLM:
  ☆812Updated last year
• droe / sslsplit
  Transparent SSL/TLS interception
  ☆1,811Updated 10 months ago
• refraction-networking / utls
  Fork of the Go standard TLS library, providing low-level access to the ClientHello for mimicry purposes.
  ☆1,997Updated last week
• p0f / p0f
  p0f unofficial git repo
  ☆496Updated 6 years ago
• cisagov / Malcolm
  Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an…
  ☆2,180Updated last week
• zmap / zgrab2
  Fast Application Layer Scanner
  ☆1,937Updated this week
• activecm / rita-legacy
  Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…
  ☆2,514Updated last year
• salesforce / hassh
  HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints…
  ☆542Updated 3 months ago
• iagox86 / dnscat2
  ☆3,658Updated last year
• Yara-Rules / rules
  Repository of yara rules
  ☆4,472Updated last year
• Neo23x0 / signature-base
  YARA signature and IOC database for my scanners and tools
  ☆2,704Updated last week
• brimdata / zui
  Zui is a powerful desktop application for exploring and working with data. The official front-end to the Zed lake.
  ☆1,864Updated this week
• buffer / thug
  Python low-interaction honeyclient
  ☆1,017Updated this week
• CUCyber / ja3transport
  Impersonating JA3 signatures
  ☆388Updated last year
• gamelinux / passivedns
  A network sniffer that logs all DNS server replies for use in a passive DNS setup
  ☆1,712Updated last year
• NikolaiT / zardaxt
  Passive TCP/IP Fingerprinting Tool. Run this on your server and find out what Operating Systems your clients are *really* using.
  ☆376Updated last year
• fooinha / nginx-ssl-ja3
  nginx module for SSL/TLS ja3 fingerprint.
  ☆210Updated 4 months ago
• DidierStevens / DidierStevensSuite
  Please no pull requests for this repository. Thanks!
  ☆2,277Updated last month
• VirusTotal / yara-python
  The Python interface for YARA
  ☆701Updated 2 months ago
• cisco / mercury
  Mercury: network metadata capture and analysis
  ☆472Updated 2 months ago
• InQuest / awesome-yara
  A curated list of awesome YARA rules, tools, and people.
  ☆3,895Updated 4 months ago
• mandiant / flare-fakenet-ng
  FakeNet-NG - Next Generation Dynamic Network Analysis Tool
  ☆1,972Updated 3 months ago
• Velocidex / velociraptor
  Digging Deeper....
  ☆3,374Updated this week
• VirusTotal / yara
  The pattern matching swiss knife
  ☆8,977Updated this week
• thinkst / canarytokens
  Canarytokens helps track activity and actions on your network.
  ☆1,879Updated this week
• cisco / joy
  A package for capturing and analyzing network flow data and intraflow data, for network research, forensics, and security monitoring.
  ☆1,340Updated last year
• yeti-platform / yeti
  Your Everyday Threat Intelligence
  ☆1,888Updated last week