A TLSInfo object is now yielded by the PcapParser if its tlsinfo
attribute is set to true. This object contains the JA3, JA3S,
client/server TLS hello, and the JA3 and JA3S params.
To be able to calculate the JA3/JA3S, specific functionality by dpkt
is required. This is only added in later versions of dpkt (we currently
depend on v1.8.7) >=1.9.0. Using this newer version results into a large amount of unicode decoding
errors. Until we fully support Python3, the required logic is patched in when it is needed.
A TLSInfo object is now yielded by the PcapParser if its tlsinfo attribute is set to true. This object contains the JA3, JA3S, client/server TLS hello, and the JA3 and JA3S params.
To be able to calculate the JA3/JA3S, specific functionality by dpkt is required. This is only added in later versions of dpkt (we currently depend on v1.8.7) >=1.9.0. Using this newer version results into a large amount of unicode decoding errors. Until we fully support Python3, the required logic is patched in when it is needed.