You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem?
Sometimes one application might change IP addresses and we'll result with effectively the same host on two different IP addresses. It'd be nice to have some additional data points that let us identify this sort of thing.
Describe the feature you'd like JA3 is method of fingerprinting TLS clients/servers. Build a JA3(S) probe into natlas-agent that can run natively (versus shelling out) so that we can store this information with our scan results.
Have you considered alternative ways to get this feature
Instead of building a native probe we could find another tool, bake it into the container, and shell out to it
Additional context
I think there has been some counter-research to show that this information can be manipulated, but for most natlas use cases I don't think that's particularly a huge deal. Having the data, even if it's manipulated to mask itself, is still going to be better than not having the data.
The text was updated successfully, but these errors were encountered:
Is your feature request related to a problem?
Sometimes one application might change IP addresses and we'll result with effectively the same host on two different IP addresses. It'd be nice to have some additional data points that let us identify this sort of thing.
Describe the feature you'd like
JA3 is method of fingerprinting TLS clients/servers. Build a JA3(S) probe into natlas-agent that can run natively (versus shelling out) so that we can store this information with our scan results.
Have you considered alternative ways to get this feature
Instead of building a native probe we could find another tool, bake it into the container, and shell out to it
Additional context
I think there has been some counter-research to show that this information can be manipulated, but for most natlas use cases I don't think that's particularly a huge deal. Having the data, even if it's manipulated to mask itself, is still going to be better than not having the data.
The text was updated successfully, but these errors were encountered: