The SSL Blacklist (SSLBL) is a project of with the goal of detecting malicious SSL connections, by identifying and blacklisting SSL certificates used by botnet C&C servers. In addition, SSLBL identifies JA3 fingerprints that helps you to detect & block malware botnet C&C communication on the TCP layer.

Download SSL Blacklist »

SSL Certificates

Identify botnet command&control (C&C) infrastructure. Browse the list of malicious SSL certificates identified by SSLBL.

View details »

JA3 Fingerprints

Detect botnet command&control (C&C) communication. Browse the list of JA3 fingerprint to find malware in your network.

View details »


Get insights into botnet C&C operations that are leveraging SSL to encrypt botnet C&C traffic. Take a look at the SSLBL statistics.

View details »