Java code to profile SSL/TLS clients

• Background
• Install
• Usage
• Contribute
• License

JA3 is a method for creating SSL/TLS client fingerprints that are easy to produce and can be easily shared for threat intelligence.

This repo includes java library for building the JA3 fingerprint string during SSL negotiation.

JA3 is a specification created and open sourced by Salesforce team here.

This is packaged as a java library and can be imported as maven or gradle dependency in your project. There are no special installation instructions.

Wrap your SSL engine implementation using the JA3 wrapper and then access the fingerprint after the handshake is completed.

    // SSL Handler Wrapper
    final JA3SSLEngineWrapper ja3Wrapper = new JA3SSLEngineWrapper(sslEngine);
    // Accessing the finger print
    final String ja3ClientSignature = (String) sslSession.getValue(JA3Constants.JA3_FINGERPRINT);

Please refer to the contributing.md for information about how to get involved. We welcome issues, questions, and pull requests. Pull Requests are welcome.

Luis Alves: (lafa at verizonmedia.com)

This project is licensed under the terms of the Apache 2.0 open source license. Please refer to LICENSE for the full terms.