JA3
JA3 is a method for creating SSL/TLS client fingerprints that can be easily shared for threat intelligence. It was invented at Salesforce in 2017 but is now maintained by John Althouse at FoxIO-LLC. The project includes JA3 and JA3S scripts for Zeek and Python, with support added to various cybersecurity tools and platforms.
FEATURES
ALTERNATIVES
SentryPeer is a fraud detection tool that monitors and detects fraudulent activities on SIP servers, capturing IP addresses and phone numbers of suspicious activities and providing a notification system to service providers.
A utility to generate malicious network traffic for security evaluation.
A secure mobile network solution that implements post-quantum encryption, decentralized architecture, and multi-layered authentication to protect mobile communications against current and future cyber threats.
A foundational guide for using deception against computer network adversaries using honeypots to detect adversaries before they accomplish their goals.
A multi-threaded scanner for identifying CORS flaws and misconfigurations
A multi-threading tool for sniffing HTTP header records with support for offline and live sniffing, TCP flow statistics, and JSON output.
Prisma SASE is a cloud-delivered service integrating network security, SD-WAN, and user experience management for comprehensive protection and optimization of hybrid work environments.
PINNED
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
OSINTLeak
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.