sensor-d4-tls-fingerprinting is intended to be used to feed a D4 project client (It can be used in standalone though).
- extracts TLS certificates from pcap files or network interfaces
- fingerprints TLS client/server interactions with ja3/ja3s
- fingerprints TLS interactions with TLSH fuzzy hashing
- write certificates in a folder
- export in JSON to files, or stdout