Skip to content

xthk/O-Saft

This branch is 6495 commits behind OWASP/O-Saft:master.

Folders and files

NameName
Last commit message
Last commit date

Latest commit

f3a601a · Dec 11, 2014
Dec 7, 2014
Dec 1, 2014
Dec 7, 2014
Jun 5, 2014
Jul 27, 2013
Dec 7, 2014
Dec 7, 2014
Dec 28, 2013
Oct 14, 2014
Jan 6, 2014
Dec 6, 2014
Dec 11, 2014
Nov 27, 2014
Dec 11, 2014
Dec 7, 2014
Nov 15, 2014
Sep 7, 2013

Repository files navigation

 /~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-.
                                                          Version: 14.12.07  )
	O-Saft  - OWASP SSL audit for testers                               (
                  OWASP SSL advanced forensic tool                           )
 /~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-/
(
 )  DESCRIPTION
(       This tools lists  information about remote target's  SSL  certificate
 )      and tests the remote target according given list of ciphers.
(
 )  WHY?
(       Why a new tool for checking SSL  when there already exist a dozens or
 )      more in 2012? Some (but not all) reasons are:
(       * lack of tests of unusual ciphers
 )      * different results returned for the same check on same target
(       * missing functionality (checks) according modern SSL/TLS
 )      * lack of tests of unusual (SSL, certificate) configurations
(       * (mainly) missing feasability to add own tests
 )
(       For more details, please use
 )        o-saft.pl --help
(       or read the source ;-)
 )
(   TARGET AUDIENCE
 )      * penetration testers
(       * administrators
 )
(   INSTALLATION
 )       o-saft.pl requires following Perl modules:
(          Net::SSLeay          (prefered >= 1.51)
 )         IO::Socket::SSL      (prefered >= 1.37)
(          IO::Socket::INET     (prefered >= 1.31)
 )         Net::DNS             (for --mx option only)
(
 )
(       There are no dependencies for checkAllCiphers.pl, so the test of all
 )      ciphers (aka +cipherall) will work with it.
(       Module Net::SSLinfo and Net::SSLhello are part of O-Saft and should be
 )      installed in ./Net .
(       All dependencies for these modules must also be installed.
 )
(       Following files are optional:
 )          .o-saft.pl           (private user configuration)
(           o-saft-dbx.pm        (for debugging, tracing)
 )          o-saft-man.pm        (documentation and generation functions)
(           o-saft-usr.pm        (private functions, some kind of API)
 )          checkAllCiphers.pl   (simple script for +cipherall option)
(
 )      .o-saft.pl is delivered as .o-saft.pl.sample to avoid destroying user
(       configurations. It needs to be renamed before used.
 )
(       o-saft.pl  reads  o-saft-README  if possible and exits.
 )      o-saft-README  must be renamed or removed to get  o-saft.pl  working.
(
 )  QUICK START
(       o-saft.pl --help
 )      o-saft.pl +check your.tld
(       o-saft.pl +info  your.tld
 )      o-saft.pl +quick your.tld
(       o-saft.pl +cipher    your.tld
 )      o-saft.pl +cipherall your.tld
(       o-saft.pl --help=commands
 )
(       Project home is https://www.owasp.org/index.php/Projects/O-Saft
 )      Project roadmap https://www.owasp.org/index.php/Projects/O-Saft/Roadmap
(
 )  Get a Copy
(       git clone [email protected]:OWASP/O-Saft.git
 )      git clone https://github.com/OWASP/O-Saft.git
(       wget https://github.com/OWASP/O-Saft/raw/master/o-saft.tgz
 )
(
 )  VERSION
(       The version of the tarball  o-saft.tgz  represents the version listed
 )      on top herein. All other files in the repository may be ahead of this
(       (tarball) version.
 \_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-/

About

O-Saft - OWASP SSL audit for testers

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Perl 99.4%
  • Shell 0.6%