Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/LeeBrotherston/tls-fingerprinting
TLS Fingerprinting
https://github.com/LeeBrotherston/tls-fingerprinting
Last synced: 18 days ago
JSON representation
TLS Fingerprinting
- Host: GitHub
- URL: https://github.com/LeeBrotherston/tls-fingerprinting
- Owner: LeeBrotherston
- License: gpl-3.0
- Created: 2015-09-14T13:21:41.000Z (about 9 years ago)
- Default Branch: master
- Last Pushed: 2020-10-20T16:17:51.000Z (about 4 years ago)
- Last Synced: 2024-08-01T08:09:44.378Z (4 months ago)
- Language: C
- Homepage:
- Size: 510 KB
- Stars: 373
- Watchers: 42
- Forks: 80
- Open Issues: 14
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG
Awesome Lists containing this project
README
# TLS Fingerprinting [![Build Status](https://travis-ci.org/LeeBrotherston/tls-fingerprinting.svg?branch=master)](https://travis-ci.org/LeeBrotherston/tls-fingerprinting)
These tools are to enable the matching (either on the wire or via pcap),
creation, and export of TLS Fingerprints to other formats. For futher
information on TLS Fingerprinting:* My [TLS Fingerprinting paper][1],
* My [Derbycon Talk][2], and [slides][3] on the topic.
* My [SecTorCA Talk][4], and [slides][5] on the topic.
* TLS Fingerprinting Discussion on [Brakeing Down Security Podcast][6]
* Quick [demo of tor detection][7] with FingerPrinTLSIn summary the tools are:
* **FingerprinTLS**: TLS session detection on the wire or PCAP and subsequent fingerprint detetion / creation.
* **Fingerprintout**: Export to other formats such as Suricata/Snort rules, ANSI C Structs, "clean" output and xkeyscore (ok, it's regex). NOTE: Because of a lack of flexibility in the suricata/snort rules language, this is currently less accurate than using FingerprinTLS to detect fingerprints and so may require tuning.
* **fingerprints.json**: The fingerprint "database" itself.
Please feel free to raise issues and make pull requests to submit code changes, fingerprint submissions, etc.
You can find [me on twitter][8] and [the project on twitter][9] also.
[1]: https://blog.squarelemon.com/tls-fingerprinting/
[2]: https://www.youtube.com/watch?v=XX0FRAy2Mec
[3]: http://www.slideshare.net/LeeBrotherston/tls-fingerprinting-stealthier-attacking-smarter-defending-derbycon
[4]: http://2015.video.sector.ca/video/144175700
[5]: http://www.slideshare.net/LeeBrotherston/tls-fingerprinting-sectorca-edition
[6]: http://brakeingsecurity.com/2015-007-fingerprintls-profiling-application-with-lee-brotherston
[7]: https://www.youtube.com/watch?v=ifODVQ3hBVs
[8]: https://twitter.com/synackpse
[9]: https://twitter.com/FingerprinTLS