JA3 Logo

JA3

0
Free
Visit Website

JA3 is a method for creating SSL/TLS client fingerprints that can be easily shared for threat intelligence. It was invented at Salesforce in 2017 but is now maintained by John Althouse at FoxIO-LLC. The project includes JA3 and JA3S scripts for Zeek and Python, with support added to various cybersecurity tools and platforms.

FEATURES

ALTERNATIVES

JARM is a TLS server fingerprinting tool used for identifying server configurations and malicious infrastructure.

A Yara scanner for IMAP feeds and saved streams, extracting attachments and scanning them with chosen Yara rule files.

An intrusion prevention system for SSH that blocks IP addresses after a set number of consecutive failed login attempts.

A daemon for blocking USB keystroke injection devices on Linux systems

Fail2ban is a daemon that scans log files and bans IPs showing malicious signs to protect servers from brute-force attacks.

A command-line tool for taking screenshots of web pages using Chrome Headless

A tool for domain flyovers

A tool for scanning networks, enumerating Siemens PLCs, and gathering detailed information about them.