4 tools and resources
A project that detects malicious SSL connections by identifying and blacklisting SSL certificates used by botnet C&C servers and identifying JA3 fingerprints to detect and block malware botnet C&C communication.
A script for extracting network metadata and fingerprints such as JA3 and HASSH from packet capture files or live network traffic.
A method for profiling SSL/TLS Clients with easy-to-produce client fingerprints.
A comprehensive server cryptographic protocol analyzer with API and CLI interface.