Add (kind of) support for loading a list of JA4C malicious fingerprints (#2678)

It might be useful to be able to match traffic against a list of
suspicious JA4C fingerprints

Use the same code/logic/infrastructure used for JA3C (note that we are
going to remove JA3C...)

See: #2551
Ivan Nardi 2025-01-14 12:05:03 +01:00 committed by GitHub
parent 69a4f8120a
commit 63a3547f99
GPG key ID: B5690EEEBB952194
33 changed files with 200 additions and 299 deletions


@ -53,7 +53,7 @@ void fuzz_init_detection_module(struct ndpi_detection_module_struct **ndpi_info_
ndpi_load_protocols_file(*ndpi_info_mod, "protos.txt");
ndpi_load_categories_file(*ndpi_info_mod, "categories.txt", NULL);
ndpi_load_risk_domain_file(*ndpi_info_mod, "risky_domains.txt");
ndpi_load_malicious_ja3_file(*ndpi_info_mod, "ja3_fingerprints.csv");
ndpi_load_malicious_ja4_file(*ndpi_info_mod, "ja4_fingerprints.csv");
ndpi_load_malicious_sha1_file(*ndpi_info_mod, "sha1_fingerprints.csv");
ndpi_set_config(*ndpi_info_mod, NULL, "filename.config", "config.txt");
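
Review bot: the result of ndpi_load_malicious_ja4_file(*ndpi_info_mod, "ja4_fingerprints.csv") is discarded in fuzz_init_detection_module, so if the renamed ja4_fingerprints.csv is not present next to the fuzzer, the JA4C list-loading path is silently never exercised. Please confirm the data file is renamed and populated with JA4C-format entries in this same commit, or check the return value at least in debug builds. If ndpi_load_malicious_ja3_file is being dropped rather than kept as an alias, that is an API break for existing callers and should be called out in the changelog.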