CoolHandSquid / JA3-Signature-Mapping-for-TOR

Automate pulling down all versions of TOR, browser installation, execution, packet collection, and JA3 signature creation.

http://coolhandsquid.com

ja3-signature-creation ja3 tor-browsers ja3-signature-mapping packet-collection analytics

JA3-Signature-Mapping-for-TOR

Automate pulling down all versions of Tor, browser installation, execution, packet collection, and JA3 signature creation

Overview

Ja3SignatureMapping.py and Ja3SignatureMappingLinux.py are used for to automate Tor browser installation, exection, and packet collection (tailored pcap creation) on Windows and Linux respectively.
ja3.py and ja3s.py are used to create JA# fingerprints from pcaps useing python.

Build and Useage for Tor browser downloads

Use xxx to download all Tor browsers from the TOR archives

Build and Useage for Tor browser installation, exection, and packet collection (tailored pcap creation)

For Windows install the Ja3SignatureMapping.py dependencies (python3, pywinauto, and wireshark).
For Linux install the Ja3SignatureMappingLinux.py dependencies (python3, pyautogui, and wireshark).
Verify directory of torfiles.
Verify outfile directory creation.
Verify internet connection.
Verify interface name.
python3 .Ja3SignatureMapping*.py

Build and Useage for Ja3 signature creation

https://github.com/salesforce/ja3
Yeet?

Build and Useage for Ja3 signature lookup

Ye

Linux and Windows results

If you are simply interested in the results of this project they can be found here https://CoolHandSquid/JA3-Signature-Mapping-for-TOR/Outfiles

Contact

Please contact me at CoolHandSquid32@gmail.com for suggestions and ideas!

About

Automate pulling down all versions of TOR, browser installation, execution, packet collection, and JA3 signature creation.

http://coolhandsquid.com

ja3-signature-creation ja3 tor-browsers ja3-signature-mapping packet-collection analytics