Showing posts with label SSL. Show all posts
Showing posts with label SSL. Show all posts

Tuesday, March 26, 2013

[HoneyProxy] A man-in-the-middle SSL Proxy & Traffic Analyzer



HoneyProxy is a lightweight tool that allows live HTTP(S) traffic inspection and analysis.
It focuses on features that are useful for malware analysis and network forensics.

Features

  • Analyze HTTP(S) traffic on the fly
  • Filter and highlight traffic, regex support included.
  • Report Generation for saved flows, including a live JS editor.
  • Save HTTP conversations for later analysis
  • Make scripted changes with Python, e.g. remove Cache Header.
  • based on and compatible to mitmproxy.
  • cross-platform (Windows, OSX and Linux)
  • SSL interception certs generated on the fly
Looking for more? Check out our GitHub wiki!

 

Quick Start

Download the latest release or pick a development snapshot.

Install all dependencies: pip install pyOpenSSL pyasn1 Twisted Autobahn
Windows users: Install the binaries for pyOpenSSL and Twisted manually (or compile yourself).
Ubuntu / Debian users: Install twisted as a package (sudo apt-get install python-twisted). If you get errors, check this page.

Start HoneyProxy with python honeyproxy.py or python honeyproxy.py --help.
If you don't use a modern browser, a kitten will die. We support both Firefox and Chrome!
Most command line parameters are documented in the mitmproxy docs.
Posted by at No comments:
Labels: , , , , , , ,

Wednesday, March 13, 2013

[SSLyze v0.6] SSL Server Configuration Scanning Tool


SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify misconfigurations affecting their SSL servers.

Features
  • SSL 2.0/3.0 and TLS 1.0/1.1/1.2 compatibility
  • Performance testing: session resumption and TLS tickets support
  • Security testing: weak cipher suites, insecure renegation, CRIME and THC-SSL DOS attacks
  • Server certificate validation
  • Support for StartTLS with SMTP and XMPP, and traffic tunneling through an HTTPS proxy
  • Client certificate support for servers performing mutual authentication
  • Scan results can be written to an XML file for further processing
New in v0.6:
  • Added support for Server Name Indication; see –sni
  • Partial results are returned when the server requires client authentication but no client certificate was provided
  • Preliminary IPv6 support
  • Various bug fixes and better support of client authentication and HTTPS tunneling

You can download SSLyze v0.6 here:

Linux/OSXsslyze-0.6_src.zip
Windows 7/Python 32-bitsslyze-0.6_Windows7_Python32.zip
Windows 7/Python 64-bitsslyze-0.6_Windows7_Python64.zip

Or read more here.
Posted by at No comments:
Labels: , , , , , , ,

Thursday, March 7, 2013

[SSL Certificate Downloader] Command-line Tool to grab SSL Certificate from Server Remotely



SSL Cert Downloader is a free command-line tool to grab SSL certificate from server remotely.

It can be used to download certificate from any of the SSL enabled services including

  • HTTPS (443)
  • LDAPS (636)
  • SMTPS (465)
  • POPS (995)
  • IMAPS (993)

You can either specify IP address or host name of the server. Also you can enter any custom port which makes it useful when SSL service is running on non-standard port.


Once the certificate is downloaded from the server it will be saved to the specified file. Later you can just double click on the saved file to view the SSL certificate.

It is very easy to use and being a command-line tool makes it easy for automation through scripting.
It is fully portable and works on all platforms starting from Windows XP to Windows 8.





Posted by at No comments:
Labels: , , ,
Subscribe to: Posts (Atom)