Last Updated: 2020-11-29 12:29:53 UTC
by Didier Stevens (Version: 1)
Rik talked about JARM yesterday "Threat Hunting with JARM".
JARM is a tool to fingerprint TLS servers.
I made some changes to the JARM code to support a SOCKS proxy.
Now I can use JARM over Tor, for example:
You will miss information when you use a SOCKS proxy: the resolved IP, in case you use a domain name.
And on Linux, there are other methods to achieve this.