https://www.pistack.xyz/tags/fingerprinting/ Recent content in Fingerprinting on Pi Stack Hugo en-us Wed, 03 Jun 2026 00:00:00 +0000 https://www.pistack.xyz/posts/2026-06-03-self-hosted-tls-fingerprinting-ja3-ja4-zeek-suricata-guide/ Wed, 03 Jun 2026 00:00:00 +0000 https://www.pistack.xyz/posts/2026-06-03-self-hosted-tls-fingerprinting-ja3-ja4-zeek-suricata-guide/ <h2 id="introduction">Introduction</h2> <p>TLS fingerprinting is a passive network monitoring technique that identifies client applications and malware by analyzing the unique characteristics of their TLS handshakes. Every TLS client — whether it is Chrome, a Python script, or a malware command-and-control beacon — produces a distinctive fingerprint based on its supported cipher suites, TLS extensions, elliptic curves, and signature algorithms. By capturing and analyzing these fingerprints, security teams can detect unauthorized applications, identify malware families, and enforce network policy without decrypting traffic.</p>