Awesome
JA3 in Java
Java code to profile SSL/TLS clients
Table of Contents
Background
JA3 is a method for creating SSL/TLS client fingerprints that are easy to produce and can be easily shared for threat intelligence.
This repo includes java library for building the JA3 fingerprint string during SSL negotiation.
JA3 is a specification created and open sourced by Salesforce team here.
Install
This is packaged as a java library and can be imported as maven or gradle dependency in your project. There are no special installation instructions.
Usage
Wrap your SSL engine implementation using the JA3 wrapper and then access the fingerprint after the handshake is completed.
// SSL Handler Wrapper
final JA3SSLEngineWrapper ja3Wrapper = new JA3SSLEngineWrapper(sslEngine);
// Accessing the finger print
final String ja3ClientSignature = (String) sslSession.getValue(JA3Constants.JA3_FINGERPRINT);
Contribute
Please refer to the contributing.md for information about how to get involved. We welcome issues, questions, and pull requests. Pull Requests are welcome.
Maintainers
Luis Alves: (lafa at verizonmedia.com)
License
This project is licensed under the terms of the Apache 2.0 open source license. Please refer to LICENSE for the full terms.