I got this list by monitoring the Dynamic Update release emails from Palo Alto Networks.

Remember a “decoder” is effectivly a “base protocol”. You can also detect these within the App-ID database as any application that does not have a “depends on” or “implicily uses”.

In their updates, they often list “decoder” udpates in addition to App-ID updates.

• asterisk-iax
• bacnet
• cip-ethernet-ip
• corba
• cotp
• dhcp
• dicom
• dns
• ed137
• ftp
• ftp-data
• functions
• gds-db
• generic
• gtp
• hp-data-protector
• http
• http2
• icmp
• iec-60870-5-104
• igmp
• ike
• imap
• ipsec-esp-udp
• kerberos
• ldap
• llmnr
• lpd
• medical
• mms-ics
• modbus
• msrpc
• mssql-db
• mysql
• netbios-ss
• ntp
• open-vpn
• oracle
• pop3
• postgres
• radius
• rpc
• rtsp
• scada
• sccp
• sctp
• sip
• smb
• smb-8-1
• smtp
• ssh
• ssl
• stun
• teamviewer
• tftp
• vmware
• vnc
• unknown-tcp
• unknown-udp
• unknown-peer-to-peer