Skip to content

LeeBrotherston/tls-fingerprinting

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

TLS Fingerprinting Build Status

These tools are to enable the matching (either on the wire or via pcap), creation, and export of TLS Fingerprints to other formats. For futher information on TLS Fingerprinting:

In summary the tools are:

  • FingerprinTLS: TLS session detection on the wire or PCAP and subsequent fingerprint detetion / creation.

  • Fingerprintout: Export to other formats such as Suricata/Snort rules, ANSI C Structs, "clean" output and xkeyscore (ok, it's regex). NOTE: Because of a lack of flexibility in the suricata/snort rules language, this is currently less accurate than using FingerprinTLS to detect fingerprints and so may require tuning.

  • fingerprints.json: The fingerprint "database" itself.

Please feel free to raise issues and make pull requests to submit code changes, fingerprint submissions, etc.

You can find me on twitter and the project on twitter also.