-
Build SSH client fingerprinting like JA3 does for SSL.
Take KEX algorithm list, encryption, hashing and compression algorithm choices (anything else?) from the client. Hash these and create the fin…
-
In ja3fingerprint.json, the chunk at the bottom (that was taken from the original salesforce fingerprint list) has the "desc" and "ja3_hash" fields backwards for some reason.
-
Having access to raw ClientHello can be useful for fingerprinting clients [1] for further analysis.
In openssl this can be done by setting up callback through SSL_CTX_set_msg_callback. Would be nice …
-
Hello MISP Team,
I tried out the new object feature. Tu fulfill my needs I created a custom object category by adding the JSON structure to the MISP/app/files/misp-objects/objects directory. Everyt…