-
JA3S is JA3 for the Server side of the SSL/TLS communication and fingerprints how servers respond to particular clients. See https://github.com/salesforce/ja3. Hopefully not too complicated since we…
-
https://github.com/salesforce/ja3
-
When trying to save a ja3 object, the md5 is rejected when ja3-fingerprint-md5 has a category of Network Activity (default):
```
Could not save object as at least one attribute has failed validation…
-
Build SSH client fingerprinting like JA3 does for SSL.
Take KEX algorithm list, encryption, hashing and compression algorithm choices (anything else?) from the client. Hash these and create the fin…
-
In ja3fingerprint.json, the chunk at the bottom (that was taken from the original salesforce fingerprint list) has the "desc" and "ja3_hash" fields backwards for some reason.
-
Having access to raw ClientHello can be useful for fingerprinting clients [1] for further analysis.
In openssl this can be done by setting up callback through SSL_CTX_set_msg_callback. Would be nice …
-
Hello MISP Team,
I tried out the new object feature. Tu fulfill my needs I created a custom object category by adding the JSON structure to the MISP/app/files/misp-objects/objects directory. Everyt…