sslbl/ja3-fingerprints

Abuse.ch Suricata JA3 Fingerprint Ruleset

If you are running Suricata, you can use the SSLBL's Suricata JA3 fingerprint ruleset to detect and/or block malicious SSL connections in your network based on the JA3 fingerprint. Please note that your need Suricata 4.1.0 or newer in order to use the JA3 fingerprint ruleset.

Vendor: Abuse.ch
License: CC0-1.0
Homepage: https://sslbl.abuse.ch/blacklist/ja3_fingerprints.tar.gz

Browse rules Recently updated