Navigation



Tag Archives | ssl security




SSLyze v0.6 Available For Download – SSL Server Configuration Scanning Tool

Last updated: March 13, 2013 | 4,281 views

SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify misconfigurations affecting their SSL servers. Features SSL 2.0/3.0 and TLS 1.0/1.1/1.2 compatibility Performance testing: session resumption and TLS tickets support Security testing: […]

Share23
Tweet59
Share3
Share
Buffer
WhatsApp
Reddit
Flip
Vote
Email
85 Shares
Topic: Cryptography, Networking Hacking, Web Hacking

TLSSLed v1.2 – Evaluate The Security Of A Target SSL Or TLS (HTTPS) Web Server Implementation

Last updated: December 6, 2012 | 4,013 views

When running web application security assessments it is mandatory to evaluate the security stance of the SSL/TLS (HTTPS) implementation and configuration. OWASP has a couple of references the author strongly recommends taking a look at, the “OWASP-CM-001: Testing for SSL-TLS” checks, part of the OWASP Testing Guide v3, and the Transport Layer Protection Cheat Sheet. […]

Share
Tweet48
Share7
Share
Buffer
WhatsApp
Reddit
Flip
Vote1
Email
56 Shares
Topic: Cryptography, Web Hacking

sslsniff v0.7 – SSL Man-In-The-Middle (MITM) Tool

Last updated: September 9, 2015 | 14,568 views

It’s been a while since the last sslsniff release back in August 2009 with version 0.6 – sslsniff v0.6 Released – SSL MITM Tool. Version 0.7 was finally released earlier in the year in April – so here it is. This tool was originally written to demonstrate and exploit IE’s vulnerability to a specific “basicConstraints” […]

Share7
Tweet35
Share4
Share
Buffer
WhatsApp
Reddit
Flip
Vote
Email
46 Shares
Topic: Hacking Tools, Networking Hacking

sslsnoop v0.6 – Dump Live Session Keys From SSH & Decrypt Traffic On The Fly

Last updated: May 2, 2011 | 8,991 views

sslsnoop dumps live session keys from openssh and can also decrypt the traffic on the fly. Works if scapy doesn’t drop packets. using pcap instead of SOCK_RAW helps a lot now. Works better on interactive traffic with no traffic at the time of the ptrace. It follows the flow, after that. Dumps one file by […]

Share1
Tweet41
Share11
Share
Buffer
WhatsApp
Reddit
Flip
Vote
Email
53 Shares
Topic: Cryptography, Exploits/Vulnerabilities, Networking Hacking

Website Auto-complete Leaks Data Even Over Encrypted Link

Last updated: September 9, 2015 | 7,499 views

I’m always fascinated by side-channel attacks where the attack is focused on the underlying architecture of the cryptosystem and the data echos it creates rather than the algorithm or implementation itself. Similar somewhat to the recent breaking of OpenSSL using power fluctuations. This time some researcher type fellas focused on the digital noise autocomplete webforms […]

Share1
Tweet
Share
Share
Buffer
WhatsApp
Reddit
Flip
Vote
Email
1 Shares
Topic: Cryptography, Exploits/Vulnerabilities, Privacy

SSL Renegotiation Bug Succesfully Used To Attack Twitter

Last updated: September 9, 2015 | 33,228 views

When this SSL Renegotiation bug hit the news, most people said it was a theoretical attack and was of no practical use in the real world. But then people tend to say that about most things don’t they until they get pwned up the face. It turns out the rather obscure SSL flaw can be […]

Share11
Tweet
Share
Share
Buffer
WhatsApp
Reddit
Flip
Vote
Email
11 Shares
Topic: Exploits/Vulnerabilities, Networking Hacking, Web Hacking

Popular Tags

computer-security · darknet · ddos · dos · exploits · fuzzing · google · hacking-networks · hacking-websites · hacking-windows · hacking tool · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · pen-testing · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · windows · windows-security · Windows Hacking · worms · XSS ·