SSLyze is a fast and powerful SSL/TLS scanning tool and Python library.

Overview

SSLyze

Run Tests Downloads PyPI version Python version

SSLyze is a fast and powerful SSL/TLS scanning tool and Python library.

SSLyze can analyze the SSL/TLS configuration of a server by connecting to it, in order to ensure that it uses strong encryption settings (certificate, cipher suites, elliptic curves, etc.), and that it is not vulnerable to known TLS attacks (Heartbleed, ROBOT, OpenSSL CCS injection, etc.).

Key features

  • Focus on speed and reliability: SSLyze is a battle-tested tool that is used to reliably scan hundreds of thousands of servers every day.
  • Easy to operationalize: SSLyze can be directly run from CI/CD, in order to continuously check a server against Mozilla's recommended TLS configuration.
  • Fully documented Python API to run scans directly from any Python application, such as a function deployed to AWS Lambda.
  • Support for scanning non-HTTP servers including SMTP, XMPP, LDAP, POP, IMAP, RDP, Postgres and FTP servers.
  • Results of a scan can easily be saved to a JSON file for later processing.
  • And much more!

Quick start

On Windows, Linux (x86 or x64) and macOS, SSLyze can be installed directly via pip:

$ pip install --upgrade pip setuptools wheel
$ pip install --upgrade sslyze
$ python -m sslyze www.yahoo.com www.google.com "[2607:f8b0:400a:807::2004]:443"

It can also be used via Docker:

$ docker run --rm -it nablac0d3/sslyze:5.0.0 www.google.com

Lastly, a pre-compiled Windows executable can be downloaded from the Releases page.

Python API Documentation

Documentation for SSLyze's Python API is available here.

Usage as a CI/CD step

By default, SSLyze will check the server's scan results against Mozilla's recommended "intermediate" TLS configuration, and will return a non-zero exit code if the server is not compliant.

$ python -m sslyze mozilla.com
Checking results against Mozilla's "intermediate" configuration. See https://ssl-config.mozilla.org/ for more details.

mozilla.com:443: OK - Compliant.

The Mozilla configuration to check against can be configured via --mozilla-config={old, intermediate, modern}:

$ python -m sslyze --mozilla-config=modern mozilla.com
Checking results against Mozilla's "modern" configuration. See https://ssl-config.mozilla.org/ for more details.

mozilla.com:443: FAILED - Not compliant.
    * certificate_types: Deployed certificate types are {'rsa'}, should have at least one of {'ecdsa'}.
    * certificate_signatures: Deployed certificate signatures are {'sha256WithRSAEncryption'}, should have at least one of {'ecdsa-with-SHA512', 'ecdsa-with-SHA256', 'ecdsa-with-SHA384'}.
    * tls_versions: TLS versions {'TLSv1.2'} are supported, but should be rejected.
    * ciphers: Cipher suites {'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384', 'TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256', 'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256'} are supported, but should be rejected.

This can be used to easily run an SSLyze scan as a CI/CD step.

Development environment

To setup a development environment:

$ pip install --upgrade pip setuptools wheel
$ pip install -e . 
$ pip install -r dev-requirements.txt

The tests can then be run using:

$ invoke test

License

Copyright (c) 2021 Alban Diquet

SSLyze is made available under the terms of the GNU Affero General Public License (AGPL). See LICENSE.txt for details and exceptions.

Comments
  • Potential memory leak in the synchronous scanner

    Potential memory leak in the synchronous scanner

    if i run this in a endless loop, the memory is getting bigger and bigger. can anyone please help me. this is a really serious problem for me :(

    sslv20 = { 'version': 'SSLv20', 'command': Sslv20ScanCommand() } sslv30 = { 'version': 'SSLv30', 'command': Sslv30ScanCommand() } tlsv10 = { 'version': 'TLSv10', 'command': Tlsv10ScanCommand() } tlsv11 = { 'version': 'TLSv11', 'command': Tlsv11ScanCommand() } tlsv12 = { 'version': 'TLSv12', 'command': Tlsv12ScanCommand() }

    for protocol in [sslv20, sslv30, tlsv10, tlsv11, tlsv12]: scanner = SynchronousScanner(network_timeout=2, network_retries=2) scan_result = scanner.run_scan_command(server_info, protocol['command'])

    ...

    bug 
    opened by ericrange 18
  • Licensing clarification

    Licensing clarification

    sslyze lists it's license as GPLv2. Can you clarify if this is an intentional choice, or one made for historical reasons?

    GPLv2 makes perfect sense for the use of sslyze as a standalone tool, and preventing users from building a proprietary SSL analysis tool based off that codebase.

    However, I've got a use case that would involved deploying sslyze as part of a Software-as-a-Service platform. Under the terms of the GPLv2, this would be a completely legitimate usage of sslyze, and I would not be required to distribute the source code for my SaaS platform (see this FAQ on the GNU website).

    While I'm completely covered under the letter of the law, I'd rather not violate the spirit of the law in the way the project intended the sslyze API and codebase to be used.

    Are you able to:

    • Clarify that you have no objection to sslyze being used as part of a proprietary SaaS deployment; and/or
    • Provide (either to me specifically, or more generally) a license with more liberal terms (LGPL would be fine; MIT/BSD would be even better); or
    • Modify the license to be AGPL, or something that covers the SaaS use case?
    opened by freakboy3742 17
  • 1.0.0 python run_tests.py failures

    1.0.0 python run_tests.py failures

    I'm seeing these two errors and two failures when running python run_tests.py:

    ======================================================================
    ERROR: test_unicode_certificate (plugin_tests.test_certificate_info_plugin.CertificateInfoPluginTestCase)
    ----------------------------------------------------------------------
    Traceback (most recent call last):
      File "/private/tmp/sslyze-20170213-14808-18m8mim/sslyze-1.0.0/tests/plugin_tests/test_certificate_info_plugin.py", line 146, in test_unicode_certificate
        plugin_result = plugin.process_task(server_info, CertificateInfoScanCommand())
      File "/private/tmp/sslyze-20170213-14808-18m8mim/sslyze-1.0.0/sslyze/plugins/certificate_info_plugin.py", line 151, in process_task
        raise RuntimeError(u'Could not connect to the server; last error: {}'.format(last_exception))
    RuntimeError: Could not connect to the server; last error: TCP / Received RST
    
    ======================================================================
    ERROR: test_follows_client_cipher_suite_preference (plugin_tests.test_openssl_cipher_suites_plugin.OpenSslCipherSuitesPluginTestCase)
    ----------------------------------------------------------------------
    Traceback (most recent call last):
      File "/private/tmp/sslyze-20170213-14808-18m8mim/sslyze-1.0.0/tests/plugin_tests/test_openssl_cipher_suites_plugin.py", line 199, in test_follows_client_cipher_suite_preference
        plugin_result = plugin.process_task(server_info, Tlsv12ScanCommand())
      File "/private/tmp/sslyze-20170213-14808-18m8mim/sslyze-1.0.0/sslyze/plugins/openssl_cipher_suites_plugin.py", line 167, in process_task
        preferred_cipher = self._get_preferred_cipher_suite(server_connectivity_info, ssl_version, accepted_cipher_list)
      File "/private/tmp/sslyze-20170213-14808-18m8mim/sslyze-1.0.0/sslyze/plugins/openssl_cipher_suites_plugin.py", line 215, in _get_preferred_cipher_suite
        second_cipher = self._get_selected_cipher_suite(server_connectivity_info, ssl_version, second_cipher_string)
      File "/private/tmp/sslyze-20170213-14808-18m8mim/sslyze-1.0.0/sslyze/plugins/openssl_cipher_suites_plugin.py", line 235, in _get_selected_cipher_suite
        ssl_connection.connect()
      File "/private/tmp/sslyze-20170213-14808-18m8mim/sslyze-1.0.0/sslyze/utils/ssl_connection.py", line 166, in connect
        self.do_handshake()
      File "/usr/local/Cellar/sslyze/1.0.0/libexec/lib/python2.7/site-packages/nassl/ssl_client.py", line 144, in do_handshake
        handshake_data_in = self._sock.recv(self._DEFAULT_BUFFER_SIZE)
    timeout: timed out
    
    ======================================================================
    FAIL: test_not_trusted_by_mozilla_but_trusted_by_apple (plugin_tests.test_certificate_info_plugin.CertificateInfoPluginTestCase)
    ----------------------------------------------------------------------
    Traceback (most recent call last):
      File "/private/tmp/sslyze-20170213-14808-18m8mim/sslyze-1.0.0/tests/plugin_tests/test_certificate_info_plugin.py", line 174, in test_not_trusted_by_mozilla_but_trusted_by_apple
        self.assertEqual(plugin_result.successful_trust_store.name, u'Apple')
    AssertionError: u'Microsoft' != u'Apple'
    - Microsoft
    + Apple
    
    
    ======================================================================
    FAIL: test_tlsv1_2_enabled (plugin_tests.test_openssl_cipher_suites_plugin.OpenSslCipherSuitesPluginTestCase)
    ----------------------------------------------------------------------
    Traceback (most recent call last):
      File "/private/tmp/sslyze-20170213-14808-18m8mim/sslyze-1.0.0/tests/plugin_tests/test_openssl_cipher_suites_plugin.py", line 113, in test_tlsv1_2_enabled
        set(accepted_cipher_name_list))
    AssertionError: Items in the first set but not the second:
    'TLS_RSA_WITH_AES_128_CBC_SHA256'
    'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256'
    'OLD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256'
    'TLS_RSA_WITH_AES_256_CBC_SHA256'
    'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384'
    
    ----------------------------------------------------------------------
    Ran 64 tests in 131.530s
    
    FAILED (failures=2, errors=2)
    /usr/local/Homebrew/Library/Homebrew/debrew.rb:11:in `raise'
    BuildError: Failed executing: python run_tests.py
    
    opened by ilovezfs 17
  • Diffie Helmann information for each cipher suite no longer returned

    Diffie Helmann information for each cipher suite no longer returned

    In version 2.0.0 the dh_info key for ciphers that use Diffie-Hellmann key exchange has disappeared. Are you planning to bring it back, or is it gone for good?

    Example JSON from 1.4.3:

        "tlsv1": {
                        "accepted_cipher_list": [
                            {
                                "dh_info": {
                                    "A": "0x00ffffffff00000001000000000000000000000000fffffffffffffffffffffffc",
                                    "B": "0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b",
                                    "Cofactor": "1",
                                    "Field_Type": "prime-field",
                                    "Generator": "0x046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5",
                                    "GeneratorType": "uncompressed",
                                    "GroupSize": "256",
                                    "Order": "0x00ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551",
                                    "Prime": "0x00ffffffff00000001000000000000000000000000ffffffffffffffffffffffff",
                                    "Seed": "0xc49d360886e704936a6678e1139d26b7819f7e90",
                                    "Type": "ECDH"
                                },
                                "is_anonymous": false,
                                "key_size": 256,
                                "openssl_name": "ECDHE-RSA-AES256-SHA",
                                "ssl_version": "TLSV1"
                            },
    

    Example from 2.0.0:

                            {
                                "is_anonymous": false,
                                "key_size": 256,
                                "openssl_name": "ECDHE-RSA-AES256-SHA",
                                "ssl_version": "TLSV1_1"
                            },
    
    enhancement 
    opened by BenjaminHae 16
  • TypeError - object of type 'UnrecognizedExtension' has no len()

    TypeError - object of type 'UnrecognizedExtension' has no len()

    python2 sslyze --regular www.pentest.co.uk

     * Certificate Information:
    Unhandled exception while running --certinfo:
    TypeError - object of type 'UnrecognizedExtension' has no len()
    

    net-analyzer/sslyze-1.4.2 dev-python/nassl-1.1.3

    opened by blshkv 16
  • Client side certs fail

    Client side certs fail

    Have been attempting to use it with some client certs (tried v0.13.2 and v0.13.3), which failed with the following error:

    Traceback (most recent call last): File "sslyze_cli.py", line 630, in File "sslyze_cli.py", line 532, in main _nassl.OpenSSLError: error:1418C197:SSL routines:ssl3_shutdown:shutdown while in init

    Saw that there were changes in v0.12 e.g.

    • A full (client) certificate chain can now be supplied when using client certificates.

    So skipped to v0.11 which worked e.g. with the same command line/cert files etc:

    .\sslyze.exe --cert="pub.cer" --key="pri.pkcs8" --keyform="PEM" --pass="a" --regular super-secret-host:443

    opened by the-room 15
  • Issues with moving to OpenSSL 1.1.0

    Issues with moving to OpenSSL 1.1.0

    In OpenSSL 1.1.0, support for SSL 2.0 and export cipher suites was removed. This is good for the Internet but bad for SSLyze. We also cannot stay stuck on 1.0.2 forever as new cipher suites (ChaCha20 and Poly1305) were added 1.1.0. This might require writing a plugin to check for cipher suites and protocols that are not supported by OpenSSL.

    opened by nabla-c0d3 13
  • [nassl] use system openssl/zlib optionally

    [nassl] use system openssl/zlib optionally

    I'm adding sslyze to Gentoo (Pentoo) repository and facing the problem. The latest nassl v0.12 has no option to use existing system libraries even if they meet all requirements.

    Please specify which options of libraries must be enabled and allow to use system libraries.

    My quick patch is here: https://github.com/pentoo/pentoo-overlay/commit/dd9d21cdcb2aee07cdbec25b81c81d1c5f703395

    opened by blshkv 12
  • sslyze 1.4.2 installed via homebrew causes

    sslyze 1.4.2 installed via homebrew causes "certinfo: TypeError - object of type 'UnrecognizedExtension' has no len()"

    I noticed that certinfo fails with letsencrypt certificates:

    $ sslyze --certinfo letsencrypt.org
    
    
    
     AVAILABLE PLUGINS
     -----------------
    
      SessionRenegotiationPlugin
      SessionResumptionPlugin
      HttpHeadersPlugin
      RobotPlugin
      CompressionPlugin
      CertificateInfoPlugin
      FallbackScsvPlugin
      OpenSslCipherSuitesPlugin
      HeartbleedPlugin
      OpenSslCcsInjectionPlugin
    
    
    
     CHECKING HOST(S) AVAILABILITY
     -----------------------------
    
       letsencrypt.org:443                       => 92.123.27.128 
    
    
    
    
     SCAN RESULTS FOR LETSENCRYPT.ORG:443 - 92.123.27.128
     ----------------------------------------------------
    
     * Certificate Information:
    Unhandled exception while running --certinfo:
    TypeError - object of type 'UnrecognizedExtension' has no len()
    
    
     SCAN COMPLETED IN 0.50 S
     ------------------------
    

    Not sure which extension is breaking the scan. Other tests from the --regular suite work fine.

    I have eperienced the same with older and latest sslyze version:

    $ sslyze --version
    1.4.2
    

    Same problem can be seen on prominent sites with certificates from various issuers:

    • letsencrypt.org (Let's Encrypt) - https://www.ssllabs.com/ssltest/analyze.html?d=letsencrypt.org
    • mozilla.org (DigiCert) - https://www.ssllabs.com/ssltest/analyze.html?d=mozilla.org
    • wikipedia.org (GlobalSign) - https://www.ssllabs.com/ssltest/analyze.html?d=wikipedia.org
    • facebook.com (DigiCert) - https://www.ssllabs.com/ssltest/analyze.html?d=facebook.com
    • amazon.com (DigiCert) -https://www.ssllabs.com/ssltest/analyze.html?d=amazon.com
    • twitter.com (DigiCert) - https://www.ssllabs.com/ssltest/analyze.html?d=twitter.com
    • yahoo.com (DigiCert) - https://www.ssllabs.com/ssltest/analyze.html?d=yahoo.com
    • github.com (DigiCert) - https://www.ssllabs.com/ssltest/analyze.html?d=github.com
    • wordpress.com (Go Daddy) - https://www.ssllabs.com/ssltest/analyze.html?d=wordpress.com
    • reddit.com (DigiCert)
    • jquery.org (Let's Encrypt)
    • videolan.org (Let's Encrypt)

    Works fine testing:

    • google.com (Google Internet Authority) - https://www.ssllabs.com/ssltest/analyze.html?d=google.com
    • stackoverflow.com (DigiCert) - https://www.ssllabs.com/ssltest/analyze.html?d=stackoverflow.com
    • moz.com (CloudFlare) - https://www.ssllabs.com/ssltest/analyze.html?d=moz.com
    • slo-tech.com (Comodo) - https://www.ssllabs.com/ssltest/analyze.html?d=slo-tech.com

    According to #320, #311 and #293 this seems to be caused by unmet (poorly defined?) dependancy, an outdated version of cryptography, likely to be fixed in the homebrew formula: https://github.com/Homebrew/homebrew-core/blob/master/Formula/sslyze.rb#L46 @nabla-c0d3, could you check the dependancies and resources in that formula, so that we can ask them for a fix?

    Last relevant changes were done as part of https://github.com/Homebrew/homebrew-core/pull/28332 :

    • https://github.com/Homebrew/homebrew-core/commit/f19782edf2694bbec61fdddd4e0295680f9632e7 (by @ilovezfs and @mistydemeo)
    • https://github.com/Homebrew/homebrew-core/commit/52a167e08869396f734567550c0b1a877df05fc4 (by @BrewTestBot and @mistydemeo)
    opened by stefanb 10
  • Ciphers always randomly time out

    Ciphers always randomly time out

    I simply cannot configure sslyze not to time out on almost every run.

    Could you recommend a configuration which works reliably?

    Currently I run it the following way: sslyze-1_3_2\sslyze --timeout=120 --nb_retries=50 --json_out=result_tresorit.com.json --regular tresorit.com

    OSes I tested with:

    • Windows Server 2016 (1607) with latest updates (natively, not in WSL), VM: ~always times out
    • Windows 10 (1709) with latest updates (16299.192), physical machine: times out on every second run

    Run #1:

     * ROBOT Attack:
                                              OK - Not vulnerable
    
     * TLSV1 Cipher Suites:
         Undefined - An unexpected error happened:
            TLS_DH_RSA_WITH_AES_256_CBC_SHA                   timeout - timed out
            TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA             timeout - timed out
    
     * TLSV1_1 Cipher Suites:
         Undefined - An unexpected error happened:
            TLS_ECDH_anon_WITH_AES_256_CBC_SHA                timeout - timed out
            TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA              timeout - timed out
            TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA              timeout - timed out
            TLS_DHE_DSS_WITH_AES_256_CBC_SHA                  timeout - timed out
    

    Run #2:

     * ROBOT Attack:
                                              UNKNOWN - Received inconsistent results
    
     * TLSV1_2 Cipher Suites:
         Undefined - An unexpected error happened:
            TLS_DH_anon_WITH_AES_256_GCM_SHA384               timeout - timed out
            TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA             timeout - timed out
    

    Run #3:

     * ROBOT Attack:
                                              OK - Not vulnerable
    
     * SSLV3 Cipher Suites:
          Server rejected all cipher suites.
         Undefined - An unexpected error happened:
            TLS_DHE_RSA_WITH_AES_256_CBC_SHA                  timeout - timed out
    

    Run #4:

     * ROBOT Attack:
                                              OK - Not vulnerable
    
     * SSLV3 Cipher Suites:
          Server rejected all cipher suites.
         Undefined - An unexpected error happened:
            TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA             timeout - timed out
            TLS_DHE_DSS_WITH_AES_256_CBC_SHA                  timeout - timed out
            TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA                 timeout - timed out
    
     * TLSV1_2 Cipher Suites:
         Undefined - An unexpected error happened:
            TLS_RSA_WITH_SEED_CBC_SHA                         timeout - timed out
            TLS_DHE_RSA_WITH_AES_128_GCM_SHA256               timeout - timed out
            RSA_WITH_AES_256_CCM                              timeout - timed out
    

    It looks totally random which cipher fails and which not. Also the ROBOT Attack check is not stable. And it finishes fast (in 18-20 seconds), I am pretty sure it does not retry 50 times or it does too fast, it does not matter at all.

    Any idea why does this happen?

    I started to dig deeper (aka started monitoring the requests with Wireshark), but I only saw that some connections were not closed properly, and kept alive until the process finished, but they are NOT the same connections which are timed out. So this can only cause problem if there is some active connection per host limit somewhere...

    Older sslyze version (sadly I don't know which one) worked reliably, but now I wanted to update to the latest (1.3.2).

    enhancement 
    opened by koczkatamas 10
  • --ca-file not working as expected

    --ca-file not working as expected

    Hi,

    Recently I was checking a client's host and I noticed something strange. I'm running sslyze like this:

    $ ./sslyze_v0.11/sslyze.py --regular host:443  
    (...)
      * Certificate - Trust:
          Hostname Validation:               OK - Subject Alternative Name matches
          Mozilla NSS CA Store (04/2015):    FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
          Java 6 CA Store (Update 65):       FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
          Microsoft CA Store (04/2015):      FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
          Apple CA Store (OS X 10.10.3):     FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
          Certificate Chain Received:        ['host']
    (...)
    

    I also tried running OpenSSL directly:

    $ openssl s_client -connect host:443 -verify 5                      
    verify depth is 5
    CONNECTED(00000003)
    depth=0 C = IT, ST = [omitted], L = [omitted], O = [omitted]., OU = [omitted], OU = Terms of use at www.verisign.com/rpa (c)05, CN = host
    verify error:num=20:unable to get local issuer certificate
    verify return:1
    depth=0 C = IT, ST = [omitted], L = [omitted], O = [omitted], OU = [omitted], OU = Terms of use at www.verisign.com/rpa (c)05, CN = host
    verify error:num=27:certificate not trusted
    verify return:1
    depth=0 C = IT, ST = [omitted], L = [omitted], O = [omitted]., OU = [omitted], OU = Terms of use at www.verisign.com/rpa (c)05, CN = host
    verify error:num=21:unable to verify the first certificate
    verify return:1
    (...)
    

    It seems that the certificate isn't valid, however when I opened the host on my browser (I tried Firefox, Chrome and IE) they all say that the certificate is verified. After digging a bit on the internet, I concluded that it's failing because there's an intermediate certificate which has the CN 'VeriSign Class 3 International Server CA - G3' which seems that is not trusted on some systems. So I downloaded the certificate from here https://www.tbs-certificates.co.uk/FAQ/en/600.html and ran again the OpenSSL with the -CAfile option:

    $ openssl s_client -connect host:443 -CAfile SVRIntlG3.crt -verify 5
    verify depth is 5
    CONNECTED(00000003)
    depth=2 C = US, O = "VeriSign, Inc.", OU = VeriSign Trust Network, OU = "(c) 2006 VeriSign, Inc. - For authorized use only", CN = VeriSign Class 3 Public Primary Certification Authority - G5
    verify return:1
    depth=1 C = US, O = "VeriSign, Inc.", OU = VeriSign Trust Network, OU = Terms of use at https://www.verisign.com/rpa (c)10, CN = VeriSign Class 3 International Server CA - G3
    verify return:1
    depth=0 C = IT, ST = [omitted], L = [omitted], O = [omitted]., OU = [omitted], OU = Terms of use at www.verisign.com/rpa (c)05, CN = host
    verify return:1
    
    ---
    

    No errors. However when I use the --ca_file parameter on sslyze, i still get all the errors:

    $ ./sslyze_v0.11/sslyze.py --regular --ca_file SVRIntlG3.crt host:443 
    (...)
      * Certificate - Trust:
          Hostname Validation:               OK - Subject Alternative Name matches
          Mozilla NSS CA Store (04/2015):    FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
          Java 6 CA Store (Update 65):       FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
          Microsoft CA Store (04/2015):      FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
          Custom --ca_file CA Store (N/A):   FAILED - Certificate is NOT Trusted: unable to get issuer certificate
          Apple CA Store (OS X 10.10.3):     FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
          Certificate Chain Received:        ['host']
    (...)
    

    Maybe I'm using some option incorrectly, but I would expect sslyze to behave similarly to OpenSSL. (I had to omit the host and some info on the certs, sorry)

    opened by henshin 10
  • Does not follow redirect

    Does not follow redirect

    when I run it against my cable modem/router, it won't scan:

    $ python3 -m sslyze 192.168.0.1:443    
    
     AVAILABLE PLUGINS
     -----------------
    
      OpenSslCcsInjectionPlugin
      RobotPlugin
      SessionRenegotiationPlugin
      CompressionPlugin
      SessionResumptionPlugin
      HttpHeadersPlugin
      OpenSslCipherSuitesPlugin
      FallbackScsvPlugin
      CertificateInfoPlugin
      EarlyDataPlugin
      HeartbleedPlugin
    
     CHECKING HOST(S) AVAILABILITY
     -----------------------------
    
       192.168.0.1:443                       => 192.168.0.1 
    
     SCAN COMPLETED IN 0.08 S
     ------------------------
    
    

    However it brings up a webpage when I go to it on my browser

    image

    It redirects internally to https and takes me to the login page: image

    But I can also browse directly to https://192.168.0.1

    Is sslyze tripping up because it can't follow redirects or something? port 443 is available because I can telnet to it:

    $ telnet 192.168.0.1 443
    Trying 192.168.0.1...
    Connected to 192.168.0.1.
    Escape character is '^]'.
    

    nmap shows 80 and 443 as open:

    PORT      STATE    SERVICE
    80/tcp    open     http
    443/tcp   open     https
    
    opened by frakman1 1
  • Use SslyzeOutputAsJson without dependencies

    Use SslyzeOutputAsJson without dependencies

    The option to validate and import scan results with pydantic/SslyzeOutputAsJson is great. However it requires all the dependencies of sslyze, including nassl. This is a problem, if I'm on a platform where I have to compile it, and only want to read a scan result.

    Therefore it would be great, it would be possible to use SslyzeOutputAsJson without dependencies, that are only necessary to perform a scan. That would require some refactoring of the imports.

    opened by weddige 0
  • Switch to pyOpenSSL for validating certificate chain

    Switch to pyOpenSSL for validating certificate chain

    To further address the memory leak affecting the certificate validation logic (https://github.com/nabla-c0d3/sslyze/issues/560), we should switch from nassl's to pyOpenSSL's API (https://www.pyopenssl.org/en/stable/api/crypto.html#x509storecontext-objects).

    pyOpenSSL is already an implicit dependency of SSLyze since it's a dependency of cryptography.

    opened by nabla-c0d3 0
  • Segmentation Fault when trying to invoke tests or scan local apache webserver

    Segmentation Fault when trying to invoke tests or scan local apache webserver

    To Reproduce Steps to reproduce the behavior:

    1. Install latest SSLyze version using git clone
    2. Create and activate python3.9 venv
    3. Follow the steps: https://github.com/nabla-c0d3/sslyze/tree/5.0.0#development-environment
    4. See error

    Expected behavior Tests succeed

    Python environment

    • OS: RHEL 8.5
    • Python version: 3.9.6
    • OpenSSL 1.1.1k FIPS 25 Mar 2021
    • update-crypto-policies --show: LEGACY

    Additional context When trying to scan a local apache webserver using python -m sslyze [webserver cname] with SSLyze version 4.1.0, which was previously installed using pip, or with the latest version from git, a segmentation fault happens aswell. gdb -ex r --args /opt/testsslyze/venv/bin/python -m sslyze [webserver cname] results in error 2

    Error

    # invoke test
    ============================= test session starts ==============================
    platform linux -- Python 3.9.6, pytest-6.2.5, py-1.11.0, pluggy-1.0.0
    rootdir: /opt/testsslyze/sslyze
    plugins: Faker-13.0.0, cov-3.0.0
    collected 163 items
    
    tests/test_main.py .                                                     [  0%]
    tests/cli_tests/test_console_output.py .........                         [  6%]
    tests/cli_tests/test_server_string_parser.py ........                    [ 11%]
    tests/json_tests/test_json_output.py .....                               [ 14%]
    tests/plugins_tests/test_compression_plugin.py Fs.                       [ 15%]
    tests/plugins_tests/test_early_data_plugin.py ...                        [ 17%]
    tests/plugins_tests/test_elliptic_curves_plugin.py FF                    [ 19%]
    tests/plugins_tests/test_fallback_scsv_plugin.py FFFF                    [ 21%]
    tests/plugins_tests/test_heartbleed_plugin.py FF...                      [ 24%]
    tests/plugins_tests/test_http_headers_plugin.py FFF........              [ 31%]
    tests/plugins_tests/test_openssl_ccs_injection_plugin.py FF...           [ 34%]
    tests/plugins_tests/test_robot_plugin.py Fs.                             [ 36%]
    tests/plugins_tests/test_scan_commands.py .                              [ 36%]
    tests/plugins_tests/test_session_renegotiation_plugin.py F..F            [ 39%]
    tests/plugins_tests/test_session_resumption_plugin.py FF..               [ 41%]
    tests/plugins_tests/certificate_info/test_certificate_algorithms.py ..FF [ 44%]
    F                                                                        [ 44%]
    tests/plugins_tests/certificate_info/test_certificate_info_plugin.py FFF [ 46%]
    FFFsFFFFFF.                                                              [ 53%]
    tests/plugins_tests/certificate_info/test_certificate_utils.py ......    [ 57%]
    tests/plugins_tests/certificate_info/test_cli_connector.py F             [ 57%]
    tests/plugins_tests/certificate_info/test_json.py F                      [ 58%]
    tests/plugins_tests/certificate_info/test_symantec.py ...                [ 60%]
    tests/plugins_tests/certificate_info/test_trust_store_repository.py .F   [ 61%]
    tests/plugins_tests/openssl_cipher_suites/test_cipher_suites.py .        [ 61%]
    tests/plugins_tests/openssl_cipher_suites/test_cli_connector.py F        [ 62%]
    tests/plugins_tests/openssl_cipher_suites/test_openssl_cipher_suites_plugin.py F [ 63%]
    FFFFFFFFFFFFFatal Python error: Segmentation fault
    
    Current thread 0x00007f4d107e0700 (most recent call first):
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/nassl/ssl_client.py", line 319 in get_ephemeral_key
      File "/opt/testsslyze/sslyze/sslyze/plugins/openssl_cipher_suites/_test_cipher_suite.py", line 56 in connect_with_cipher_suite
      File "/usr/lib64/python3.9/concurrent/futures/thread.py", line 52 in run
      File "/usr/lib64/python3.9/concurrent/futures/thread.py", line 77 in _worker
      File "/usr/lib64/python3.9/threading.py", line 910 in run
      File "/usr/lib64/python3.9/threading.py", line 973 in _bootstrap_inner
      File "/usr/lib64/python3.9/threading.py", line 930 in _bootstrap
    
    Thread 0x00007f4d117e2700 (most recent call first):
      File "/opt/testsslyze/sslyze/tests/openssl_server/__init__.py", line 44 in read_and_log_and_reply
      File "/usr/lib64/python3.9/threading.py", line 910 in run
      File "/usr/lib64/python3.9/threading.py", line 973 in _bootstrap_inner
      File "/usr/lib64/python3.9/threading.py", line 930 in _bootstrap
    
    Thread 0x00007f4d71b66100 (most recent call first):
      File "/usr/lib64/python3.9/threading.py", line 312 in wait
      File "/usr/lib64/python3.9/concurrent/futures/_base.py", line 440 in result
      File "/opt/testsslyze/sslyze/sslyze/plugins/plugin_base.py", line 115 in scan_server
      File "/opt/testsslyze/sslyze/tests/plugins_tests/openssl_cipher_suites/test_openssl_cipher_suites_plugin.py", line 321 in test_sslv3_enabled
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/_pytest/python.py", line 183 in pytest_pyfunc_call
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/pluggy/_callers.py", line 39 in _multicall
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/pluggy/_manager.py", line 80 in _hookexec
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/pluggy/_hooks.py", line 265 in __call__
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/_pytest/python.py", line 1641 in runtest
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/_pytest/runner.py", line 162 in pytest_runtest_call
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/pluggy/_callers.py", line 39 in _multicall
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/pluggy/_manager.py", line 80 in _hookexec
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/pluggy/_hooks.py", line 265 in __call__
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/_pytest/runner.py", line 255 in <lambda>
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/_pytest/runner.py", line 311 in from_call
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/_pytest/runner.py", line 254 in call_runtest_hook
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/_pytest/runner.py", line 215 in call_and_report
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/_pytest/runner.py", line 126 in runtestprotocol
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/_pytest/runner.py", line 109 in pytest_runtest_protocol
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/pluggy/_callers.py", line 39 in _multicall
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/pluggy/_manager.py", line 80 in _hookexec
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/pluggy/_hooks.py", line 265 in __call__
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/_pytest/main.py", line 348 in pytest_runtestloop
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/pluggy/_callers.py", line 39 in _multicall
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/pluggy/_manager.py", line 80 in _hookexec
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/pluggy/_hooks.py", line 265 in __call__
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/_pytest/main.py", line 323 in _main
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/_pytest/main.py", line 269 in wrap_session
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/_pytest/main.py", line 316 in pytest_cmdline_main
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/pluggy/_callers.py", line 39 in _multicall
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/pluggy/_manager.py", line 80 in _hookexec
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/pluggy/_hooks.py", line 265 in __call__
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/_pytest/config/__init__.py", line 162 in main
      File "/opt/testsslyze/venv/lib64/python3.9/site-packages/_pytest/config/__init__.py", line 185 in console_main
      File "/opt/testsslyze/venv/bin/pytest", line 8 in <module>
    

    Error 2

    # gdb -ex r --args /opt/testsslyze/venv/bin/python -m sslyze [webserver cname]
    ...
    [Thread 0x7fffcf7fe700 (LWP 366897) exited]
       [webserver cname]:443   => 10.225.76.137   WARNING: Server requested optional client authentication
    
    Thread 15 "python" received signal SIGSEGV, Segmentation fault.
    [Switching to Thread 0x7fffefc80700 (LWP 366902)]
    nassl_SSL_get_dh_info (self=<optimized out>) at nassl/_nassl/nassl_SSL.c:861
    861     nassl/_nassl/nassl_SSL.c: No such file or directory.
    
    bug 
    opened by Florian0301 4
Releases(5.0.6)
  • 5.0.6(Oct 15, 2022)

    • Fixed a bug where no scans were run when using specific combinations of CLI options (#575).
    • Added support for more TLS stacks when connecting and scanning for elliptic curves (#579, #562).
    • Better CLI output when connectivity to the server is flaky (#534).
    • Added support for pydantic 1.10 (#576).
    • Documented how to export results to JSON via the Python API (#571).
    Source code(tar.gz)
    Source code(zip)
    sslyze-5.0.6-exe.zip(22.04 MB)
  • 5.0.5(May 14, 2022)

  • 5.0.4(Apr 30, 2022)

  • 5.0.3(Mar 13, 2022)

    • Fixed a crash when no valid server strings had been supplied via the command line (#557).
    • Fixed a crash when serializing the result of running --http_headers to JSON (#554).
    • Checking the server's scan results against the Mozilla configurations can be disabled using --mozilla_config=disable (#551).
    Source code(tar.gz)
    Source code(zip)
  • 5.0.2(Jan 1, 2022)

  • 5.0.1(Dec 19, 2021)

    • Renamed --mozilla-config to --mozilla_config for consistency.
    • Fixed a bug when using --reneg against servers using specific versions of GnuTLS.
    • Added support for cryptography 36.0.0 (#542).
    • Fixed JSON output when using --json_out=- to print JSON to the console (#543).
    Source code(tar.gz)
    Source code(zip)
    sslyze-5.0.1-exe.zip(25.82 MB)
  • 5.0.0(Nov 26, 2021)

    This major release focuses on improving the reliability of the scans, simplifying the Python API and JSON output, and adding support for checking a server's TLS configuration against Mozilla's recommended configuration.

    • SSLyze will now check the server's scan results against the Mozilla "intermediate" configuration (#453).
      • Which Mozilla configuration to use can be configured via --mozilla-config={old, intermediate, modern}.
      • The --mozilla-config option replaces --regular, which has been removed.
    • SSLyze can now be run as a CI/CD step; see the README for more information.
    • The Python API has been significantly simplified (#512). The changes focus on:
      • Reducing how much code is needed in order to run a scan.
      • Improving the typing of the result objects, in order to simplify code that processes scan results.
      • API-breaking changes: Starting a scan and processing the results is now done differently; see the documentation.
    • The JSON output has been significantly simplified.
      • The JSON output's format now fully matches the format of the results within the Python API.
      • An auto-generated JSON schema is also now available at ./json_output_schema.json (#487).
      • The Python documentation can now be used to understand the format for both Python results and JSON results.
    • SSLyze now provides a fully-typed Python API for parsing the JSON output of previously-run scans (#487).
      • parsed_json_result = SslyzeOutputAsJson.parse_file("result.json")
      • This can be used for example to process the results of SSLyze scans in a separate Python program.
    • HTTP headers testing: the Public-Key-Pins headers are no longer checked by SSLyze, as the pinning feature has been removed from most browsers (#506).
      • API-breaking changes:
        • The public_key_pins_header and public_key_pins_report_only_header fields have been removed from HttpHeadersScanResult.
    • Session resumption testing: the --resum scan command has been updated to provide better insights into how the server supports session resumption (#53).
      • The command will now attempt multiple resumptions using TLS tickets, similarly to what it already does for resumptions with Session IDs. Previously, it would only perform a single resumption attempt when testing TLS Tickets.
      • The new command --resum_attempts can be used in order to configure how many session resumptions --resum will attempt; it is set to 5 by default.
        • python -m sslyze --resum --resum_attempts=20 www.google.com
      • API-breaking changes:
        • The fields within SessionResumptionSupportScanResult have been renamed and updated,
        • The --resum_rate command, ScanCommand.SESSION_RESUMPTION_RATE and the SessionResumptionRateScanResult class have been removed. The --resum_attempts command and SessionResumptionSupportExtraArguments class should be used instead.
    • Misc bug fixes for when scanning servers with exotic TLS or network configurations (#531, #532, #533).
    Source code(tar.gz)
    Source code(zip)
    sslyze-5.0.0-exe.zip(25.61 MB)
  • 4.1.0(Mar 29, 2021)

    • SSLyze's memory usage has been significantly reduced when scanning a lot of servers concurrently (#511).
      • This will make it easier to deploy SSLyze to environments where memory is limited, such as AWS Lambda.
      • For example, when queuing 100 server scans, memory usage will now reach a maximum of 150 MB, instead of 1400 MB in previous versions of SSLyze.
    • Fixed errors when running http_headers on specific server software (#517, #516).
    • Removed usage of pipenv and switched back to a requirements.txt.
    Source code(tar.gz)
    Source code(zip)
    sslyze-4.1.0-exe.zip(21.91 MB)
  • 4.0.4(Feb 22, 2021)

    • Fixed errors when running --elliptic_curves on specific server software (#490).
    • Better error reporting when running --http_headers on a server that doesn't speak HTTP (#499, #500).
      • See also the new HttpHeadersScanResult.http_error_trace field in the Python API.
    Source code(tar.gz)
    Source code(zip)
    sslyze-4.0.4-exe.zip(21.84 MB)
  • 4.0.3(Feb 15, 2021)

    • Updated the JSON output to be more stable, to allow diffing the JSON output of successive scans against the same server (#491).
    • Fixed errors when scanning a server that only supports TLS 1.3 (#488).
    • Fixed error when running --robot on an nginx server configured to require client authentication (#484).
    • Fixed crash due to malformed HTTP headers (#498).
    • Better reporting when scanning unresponsive servers (#501).
    • Fixed error when an invalid certificate is deployed on the server (#495).
    • Fixed error when running --reneg on Indy TCP server (#483).
    Source code(tar.gz)
    Source code(zip)
    sslyze-4.0.3-exe.zip(21.84 MB)
  • 4.0.2(Jan 31, 2021)

  • 4.0.1(Jan 20, 2021)

  • 4.0.0(Jan 19, 2021)

    • Added support for Python 3.9 (#468).
    • Fixed a crash when parsing OCSP responses (#471).
      • API-breaking change: the ocsp_response field in CertificateInfoScanResult is now an OCSPResponse instance from the cryptography.x509.ocsp module.
      • JSON-breaking change: Significantly improved the JSON output for certificates and OCSP responses, when using --certinfo.
    • Fixed a false positive when testing for client-initiated renegotiation DoS attacks on some servers (#473).
      • API-breaking change: the accepts_client_renegotiation field in SessionRenegotiationScanResult was removed, and the more accurate is_vulnerable_to_client_renegotiation_dos field was added.
    • The ability to detect the server’s “preferred” cipher suite was removed for being too unreliable, and will be replaced by full cipher suite order detection in a future release (#456).
      • API-breaking change: the cipher_suite_preferred_by_server in CipherSuitesScanResult was removed.
    • Fixed a crash when scanning a server with an exotic/invalid TLS configuration (#466).
    • Fixed support for older versions of macOS.
    • Added support for the latest version of cryptography (#467).
    Source code(tar.gz)
    Source code(zip)
    sslyze-4.0.0-exe.zip(21.39 MB)
  • 3.1.0(Nov 11, 2020)

    • Added support for scanning for supported elliptic curves (#447):
    $ python -m sslyze --elliptic_curves www.cloudflare.com
    
     * Elliptic Curve Key Exchange:
           Supported curves:                  prime256v1, secp384r1, secp521r1, X25519
           Rejected curves:                   sect163r2, secp160r1, sect233k1, X448, secp160r2, sect233r1, secp192k1,
    sect239k1, secp224k1, sect193r1, sect283k1, secp224r1, sect163k1, sect283r1, secp256k1, secp160k1, 
    sect409k1, prime192v1, sect409r1, sect163r1, sect193r2, sect571k1, sect571r1
    
    • Added support for cryptography 3.x (#455).
    • Fixed various crashes (#458, #459).
    Source code(tar.gz)
    Source code(zip)
    sslyze-3.1.0-exe.zip(20.55 MB)
  • 3.0.8(Jun 28, 2020)

  • 3.0.7(Jun 13, 2020)

  • 3.0.6(May 31, 2020)

  • 3.0.4(May 10, 2020)

  • 3.0.3(Apr 27, 2020)

  • 3.0.2(Apr 19, 2020)

    • Improved check for HTTP security headers by adding support for HTTP redirections (#393 ).
    • Fixed bug causing some results to not be returned when scanning multiple servers (#429 ).
    • Added support for more versions of the cryptography package for better compatibility (#428 ).
    • Fixed crash when scanning a server with a certificate that has duplicate X509 extensions (#420 )
    Source code(tar.gz)
    Source code(zip)
    sslyze-3.0.2-exe.zip(17.57 MB)
  • 3.0.1(Apr 3, 2020)

  • 3.0.0(Mar 30, 2020)

    Big internal refactoring focused on modernizing the code base (dataclasses, type annotations, etc.) and improving the speed and reliability of the scan results.

    • The Python API and the format of the outputs have been drastically improved and simplified, but are not backward-compatible with older versions of SSLyze.
    • Python 3.8 is now supported, and Python 3.6 is no longer supported.
    • Huge improvements to the reliability of the scans:
      • The number of concurrent connections per single server can now be controlled and is set to 5 by default (#385).
      • This limit is enforced regardless of the number of scan commands queued for the server, and drastically reduces the number of scans that fail due to a slow server or a slow connection.
    • Various improvements to cipher suites scanning:
      • The size of the cipher's suite key is now always returned.
      • The (EC) Diffie-Helmann parameters negotiated during the TLS handshake are now returned (#394).
    • Various improvements to server certificate checks:
      • Servers that expose multiple leaf certificates and chains are now supported (#326).
      • Bug fix for Symantec CA deprecation (#406).
    • SSLyze is now compatible with PEP 561 for type checking with mypy.
    • Various improvements to the JSON output:
      • The format of the JSON output now exactly matches the format of the Python output (which is fully documented).
      • Better parsing of Subject and Issuer fields in certificates (#404).
    • Support for XML output was removed.
    Source code(tar.gz)
    Source code(zip)
  • 2.1.4(Sep 1, 2019)

  • 2.1.3(Jun 12, 2019)

  • 2.1.2(Jun 7, 2019)

  • 2.1.1(Jun 3, 2019)

    • Major cleanup of CertificateInfoPlugin and HttpHeadersPlugin; the results returned by these plugins when using the Python API or the JSON or XML outputs have changed slightly, and should be easier to understand and use.
      • However, existing code that parses these results will break.
    • Fixed bug where SSLyze was unable to build the verified chain for a given server; OpenSSL is now used directly to build the verified chain (#355).
    • Fixed bug with IPv6 support (#371).
    • Fixed crash in the RobotPlugin (#361).
    • Converted the test suite to pytest.
    Source code(tar.gz)
    Source code(zip)
    sslyze-2-1-1-exe.zip(16.57 MB)
  • 2.0.5(Jan 31, 2019)

  • 2.0.4(Jan 27, 2019)

  • 2.0.3(Dec 6, 2018)

Owner
Alban Diquet
Alban Diquet
PassLock is a medium-security password manager that encrypts passwords using Advanced Encryption Standards (AES)

A medium security python password manager that encrypt passwords using Advanced Encryption Standard (AES) PassLock is a password manager and password

Akshay Vs 44 Nov 18, 2022
Nmap automated port scanner written in Python

port-scanner Nmap automated port scanner written in Python. USE: Clone the module Import the module: from portscanModule import portscanner Use: ports

Brayden Karnes 1 Dec 03, 2021
Searches for potentially vulnerable websites to local file inclusion, throughout the web and then exploits them for LFI

LFI-Hunter Searches for potentially vulnerable websites to local file inclusion, throughout the web and then exploits them for LFI A script written in

Anukul Pandey 6 Jan 30, 2022
Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228)

log4j-finder A Python3 script to scan the filesystem to find Log4j2 that is vulnerable to Log4Shell (CVE-2021-44228) It scans recursively both on disk

Fox-IT 431 Dec 22, 2022
Cloud One Container Security Runtime Events Forwarder

Example on how to query events by a RESTful API, compose CEF event format and send the events to an UDP receiver.

Markus Winkler 3 Feb 10, 2022
Add a Web Server based on Rogue Mysql Server to allow remote user get

介绍 对于需要使用 Rogue Mysql Server 的漏洞来说,若想批量检测这种漏洞的话需要自备一个服务器。并且我常用的Rogue Mysql Server 脚本 不支持动态更改读取文件名、不支持远程用户访问读取结果、不支持批量化检测网站。于是乎萌生了这个小脚本的想法 Rogue-MySql-

6 May 17, 2022
VMware vCenter earlier v(7.0.2.00100) unauthorized arbitrary file read

vcenter_fileread_exploit VMware vCenter earlier v(7.0.2.00100) unauthorized arbitrary file read Usage python3 vCenter_fileread.py http(s)://ip Referen

Ashish Kunwar 4 Sep 23, 2022
A malware to encrypt all the .txt and .jpg files in target computer using RSA algorithms

A malware to encrypt all the .txt and .jpg files in target computer using RSA algorithms. Change the Blackgound image of targets' computer. and decrypt the targets' encrypted files in our own compute

Li Ka Lok 2 Dec 02, 2022
A python based tool that executes various CVEs to gain root privileges as root on various MAC OS platforms.

MacPer A python based tool that executes various CVEs to gain root privileges as root on various MAC OS platforms. Not all of the exploits directly sp

20 Nov 30, 2022
BloodyAD is an Active Directory Privilege Escalation Framework

BloodyAD Framework BloodyAD is an Active Directory Privilege Escalation Framework, it can be used manually using bloodyAD.py or automatically by combi

757 Jan 07, 2023
An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.

RonnieColemanYARAParser This script is named after Ronnie Coleman, and peforms bulk lifts on arbitary file features using YARA console logging. Requir

Steve 20 Dec 13, 2022
Generate MIPS reverse shell shellcodes easily !

MIPS-Reverse MIPS-Reverse is a tool that can generate shellcodes for the MIPS architecture that launches a reverse shell where you can specify the IP

29 Jul 27, 2021
This repository will contain python scripts for hackers and pentesters

This repository will contain python scripts for hackers and pentesters. stop being limited with availble tools. Build your own.

0xTRAW 24 Nov 29, 2022
Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT.

Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT. This repository includes tools and documentation for the Cryptick device.

1 Dec 31, 2021
Pre-Auth Blind NoSQL Injection leading to Remote Code Execution in Rocket Chat 3.12.1

CVE-2021-22911 Pre-Auth Blind NoSQL Injection leading to Remote Code Execution in Rocket Chat 3.12.1 The getPasswordPolicy method is vulnerable to NoS

Enox 47 Nov 09, 2022
Obfuscate ip address using different encodings

ipobfuscator How it works? Single ip address can be written in multiple ways. The most popular way is to represent ip as 4 octets separated with dots.

Piotr Warmke 1 Nov 02, 2021
This is a Cryptographied Password Manager, a tool for storing Passwords in a Secure way

Cryptographied Password Manager This is a Cryptographied Password Manager, a tool for storing Passwords in a Secure way without using external Service

Francesco 3 Nov 23, 2022
Open source vulnerability DB and triage service.

OSV - Open Source Vulnerabilities OSV is a vulnerability database and triage infrastructure for open source projects aimed at helping both open source

Google 893 Jan 04, 2023
Scans all drives for log4j jar files and gets their version from the manifest

log4shell_scanner Scans all drives for log4j jar files and gets their version from the manifest. Windows and Windows Server only.

Zdeněk Loučka 1 Dec 29, 2021
Solución al reto BBVA Contigo, Hack BBVA 2021

Solution Solución propuesta para el reto BBVA Contigo del Hackathon BBVA 2021. Equipo Mexdapy. Integrantes: David Pedroza Segoviano Regina Priscila Ba

Gabriel Missael Barco 2 Dec 06, 2021