JA4Server #3
Description
As JA4Server fingerprint relates to this body of work [nginx module], is the intent for nginx to fingerprint itself or fingerprint a proxied endpoint? Fingerprinting the endpoint of nginx proxied connection might prove useful.
Perhaps, there may even be an additional fingerprint standard specifically for HTTP Servers expanding on the JA4S and JA4H concepts that could include:
- request url hash
- response header count
- response header key names hashed
- response size and status code
Metadata
Metadata
Assignees
Labels
No labels