JARM is an active TLS fingerprinting algorithm developed by Salesforce. The algorithm could be used to cluster servers with similar TLS configuration, identify default application settings, and hunt for malware C&C servers and other malicious servers. It works by sending specially crafted 10 TLS Client Hello requests, with different options, probing the server for specific TLS Server Hello messages. In this talk, we will present the first C++ implementation of the algorithm, that supports additional functionalities, along with a deep technical analysis of how JARM works. Moreover, we explore what makes a JARM fingerprint unique or shared, and some exciting oddities that certain servers exhibit, which might lower the confidence level in the fingerprint. Additionally, we attempt to demonstrate some improvement on the algorithm that might improve the confidence level in the fingerprint. Moreover, we’ll highlight some exciting results from scanning the top 1 million Alexa websites and the top 100k WordPress sites. The source code and supporting data will be published on GitHub.