Hello fellow Zeekers!
Did you know? JA4 was just released: JA4+ Network Fingerprinting. TL;DR | by John Althouse | Sep, 2023 | FoxIO
This is a huge leap from JA3, as it handles randomly created TLS certificates as well as support fingerprinting over many additional protocols - UDP, SSH, etc.
Eagerly expecting to see a Zeek package that supports JA4!
Is anyone currently working on it?