adityavs / o-saft Goto Github PK
View Code? Open in Web Editor NEWThis project forked from owasp/o-saft
O-Saft - OWASP SSL advanced forensic tool
License: GNU General Public License v2.0
This project forked from owasp/o-saft
O-Saft - OWASP SSL advanced forensic tool
License: GNU General Public License v2.0
/~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-. Version: 19.01.19 ) O-Saft - OWASP SSL advanced forensic tool ( ) /~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-/ ( ) DESCRIPTION ( This tools lists information about remote target's SSL certificate ) and tests the remote target according given list of ciphers. ( ) UNIQUE FEATURES ( =============== ) ### * working in closed environments, i.e. without internet connection ( ### * checking availability of ciphers independent of installed library ) ### * checking for all possible ciphers (up to 65535 per SSL protocol) ( ### * needs just perl without modules for checking ciphers and protocols ) ### * mainly same results on all platforms ( ) WHY? ( Why a new tool for checking SSL when there already exist a dozens or ) more good tools in 2012? Some (but not all) reasons are: ( * lack of tests of unusual ciphers ) * different results returned for the same check on same target ( * missing functionality (checks) according modern SSL/TLS ) * lack of tests of unusual (SSL, certificate) configurations ( * (mainly) missing feasability to add own tests ) ( For more details, please use ) o-saft.pl --help ( or read the source ;-) ) ( TARGET AUDIENCE ) * penetration testers ( * administrators ) ( INSTALLATION ) o-saft.pl requires following Perl modules: ( Net::SSLeay (prefered >= 1.51, recommended 1.85) ) IO::Socket::SSL (prefered >= 1.37, recommended 2.002) ( IO::Socket::INET (prefered >= 1.31) ) Net::DNS (prefered >= 0.65, for --mx option only) ( ) O-Saft can be executed from within the unpacked or cloned directory, ( installation is not necessary. However, a INSTALL.sh script will be ) provided, which can be called as follows: ( INSTALL.sh ) INSTALL.sh --clean ( INSTALL.sh --check ) INSTALL.sh --n /path/to/install --force ( INSTALL.sh /path/to/install --force ) ( There're no dependencies to other perl modules for checkAllCiphers.pl ) so the test of all ciphers (aka +cipherall) will work with it. ( The modules Net::SSLinfo, Net::SSLhello are part of O-Saft and should ) be installed in ./Net . ( ) ( Following files are optional: ) .o-saft.pl (private user configuration) ( o-saft-dbx.pm (for debugging, tracing) ) o-saft-usr.pm (private functions, some kind of API) ( o-saft-man.pm (documentation and generation functions) ) o-saft.pod (documentation in POD format) ( checkAllCiphers.pl (simple script for +cipherall option) ) .o-saft.tcl (private user configuration for GUI) ( o-saft-img.tcl (images for buttons in GUI) ) contrib/* (additional programs and tools) ( ) QUICK START ( o-saft.pl --help ) o-saft.pl +check your.tld ( o-saft.pl +info your.tld ) o-saft.pl +quick your.tld ( o-saft.pl +cipher your.tld ) o-saft.pl +cipherall your.tld ( o-saft.pl --help=commands ) ( o-saft.tcl (simple GUI; requires Tcl/Tk 8.5 or newer) ) ( o-saft-docker (simple wrapper to call o-saft.pl in docker image) ) ( Project home is https://www.owasp.org/index.php/O-Saft ) Project roadmap https://www.owasp.org/index.php/Projects/O-Saft/Roadmap ( ) Historic Project home https://www.owasp.org/index.php/Projects/O-Saft ( ) Get a Copy (latest stable release) ( wget https://github.com/OWASP/O-Saft/raw/master/o-saft.tgz ) ( Get a Copy (development version) ) git clone https://github.com/OWASP/O-Saft.git ( git clone [email protected]:OWASP/O-Saft.git ) ( Get Docker Image (latest stable release) ) docker pull owasp/o-saft ( ) VERSION ( The version of the tarball o-saft.tgz represents the version listed ) on top herein. All other files in the repository may be ahead of this ( (tarball) version. ) ( SHA256 checksum of o-saft.tgz ) 29d4faa2ed3025ed18d31175e868d6be9312b36ba486c6e5f305afeb34947f68 ( ) SHA256 checksum of owasp/o-saft:latest and owasp/o-saft:18.11.18 ( b85423d142c186c1cf10494aa0e993f6f2030ab769977aca9584d7d650421697 ) ( NOTE that the checksums listed here are the previous versions if this ) file is from o-saft.tgz itself, or inside the docker image. ( \_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-/
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.