JA3
A method for profiling SSL/TLS Clients with easy-to-produce client fingerprints.
CrowdSec is a free, modern & collaborative behavior detection engine, IPV6 compatible and 60x faster than fail2ban, using Grok patterns and YAML scenarios to identify behaviors, engineered for modern Cloud / Containers / VM-based infrastructures.
A method for profiling SSL/TLS Clients with easy-to-produce client fingerprints.
A module for loading Bro logs as tables in Osquery
PFQ v6.2 is a functional framework for Linux optimized for efficient packet capture/transmission and in-kernel processing.
A tool for analyzing TCP packet traces with color support.
Tcpdump is a command-line packet analyzer for capturing and analyzing network traffic.
A KDE Plasma 4 widget that displays real-time traffic information for active network connections on Linux computers.