Releases: FoxIO-LLC/ja4
Releases · FoxIO-LLC/ja4
Zeek Update
This release is to enable Zeek to use the latest version.
wireshark-v0.1.4
Updates
- Implemented the new JA4D fingerprint specification.
wireshark-v0.1.3
The plugin updated for use with Wireshark 4.6.0
Regression note: the workaround previously used to display JA4 columns in the GUI doesn’t work in 4.6.0. The plugin will be updated once the regression is addressed
wireshark-v0.1.2
Please use v0.1.3 instead. All assets from this release have been removed.
wireshark-v0.1.1
Fixes:
- Fixed Wireshark crash when following TCP stream with JA4 plugin #257
wireshark-v0.1.0
ja4-wireshark-plugins-2025.08.07.35
Add ja4l_delta and ja4ls_delta derived fields to JA4 wireshark plugin…
ja4-wireshark-plugins-2025.08.05.37: Wireshark: minor tweaks to wmem_strbuf use (#241)
Minor changes to some cases of how wmem strbufs are used. There is minimal performance benefit, but hopefully improved code clarity. Replace `wmem_strbuf_append_printf(buf, "%s", str)` with `wmem_strbuf_append(buf, str)`. Replace `wmem_strbuf_append_printf(buf, "%c", c)` with `wmem_strbuf_append_c(buf, c)`. These changes avoid the overhead of parsing a printf format string when it's redundant. Use `wmem_strbuf_dup()` to duplicate a strbuf instead of `wmem_strbuf_new(..., wmem_strbuf_get_str(oldbuf))` for slight improvement in readability. (This change may cause a conflict with #240 that is trivial to resolve.) Use `wmem_strbuf_finalize()` when getting the final value of a strbuf. For strings allocated in the file scope, this reduces the memory used by the final string. The function is effectively a no-op for strings allocated in the packet scope, but still makes clear to future readers when a string is expected to undergo no further changes.
ja4-wireshark-plugins-2025.08.05.35
Update copyright year (#242)
v0.18.7
Update README.md