JA4S is a system to hash the configuration of a TLS connection. More: ja4/technical_details/README.md at main · FoxIO-LLC/ja4 · GitHub
Possible use cases:
- Scan the network for this ja4s fingerprints and see if expected TLS fingerprints appear. Our systems normally should have only a known subset of fingerprints.
- Blocking of requests on firewalls when having a distributed attacker, but its tool can be identified by the request fingerprint.
Leave a Reply
You must be logged in to post a comment.