The SSL Blacklist (SSLBL) is a project of abuse.ch with the goal of detecting malicious SSL connections, by identifying and blacklisting SSL certificates used by botnet C&C servers. In addition, SSLBL identifies JA3 fingerprints that helps you to detect & block malware botnet C&C communication on the TCP layer.
Identify botnet command&control (C&C) infrastructure. Browse the list of malicious SSL certificates identified by SSLBL.
Detect botnet command&control (C&C) communication. Browse the list of JA3 fingerprint to find malware in your network.
Get insights into botnet C&C operations that are leveraging SSL to encrypt botnet C&C traffic. Take a look at the SSLBL statistics.