Quick Tip: Using JARM With a SOCKS Proxy
Rik talked about JARM yesterday "Threat Hunting with JARM".
JARM is a tool to fingerprint TLS servers.
I made some changes to the JARM code to support a SOCKS proxy.
Now I can use JARM over Tor, for example:
You will miss information when you use a SOCKS proxy: the resolved IP, in case you use a domain name.
And on Linux, there are other methods to achieve this.
Didier Stevens
Senior handler
Microsoft MVP
blog.DidierStevens.com DidierStevensLabs.com
×
Diary Archives
Comments