Create README.md

FoxIO-LLC · Nov 19, 2023 · b398efd · b398efd
1 parent 6256dcc
commit b398efd
Showing 1 changed file with 28 additions and 0 deletions.
diff --git a/wireshark/README.md b/wireshark/README.md
@@ -0,0 +1,28 @@
+# JA4+ Plugin for Wireshark
+
+![JA4](https://github.com/FoxIO-LLC/ja4/blob/main/wireshark/screenshot.png)
+
+This has been tested on Wireshark ver. 4.2.0
+
+## Install
+1. Copy ```ja4.dll``` to your global plugins directory under epan.  
+Windows: ```C:\Program Files\Wireshark\plugins\4.2\epan\```  
+Mac: ```/Applications/Wireshark.app/Contents/PlugIns/wireshark/4-2/epan/```  
+2. Start Wireshark
+
+## Config
+JA4+ fields are under ja4.*  
+JA4: ```ja4.ja4```  
+JA4S: ```ja4.ja4s```  
+JA4H: ```ja4.ja4h```  
+JA4L-C: ```ja4.ja4lc```  
+JA4L-S: ```ja4.ja4ls```  
+JA4X: ```ja4.ja4x```  
+JA4SSH: ```ja4.ja4ssh```  
+
+Add JA4+ to your columns for easy identification and sorting. Go to ```Preferences...``` and add as follows:
+
+![Config](https://github.com/FoxIO-LLC/ja4/blob/main/wireshark/column-config.png)
+
+## Licensing
+See [Licensing](https://github.com/FoxIO-LLC/ja4/tree/main#licensing) under repo root.