SSLSmart, a highly flexible and interactive tool aimed at improving efficiency and reducing the false positives during SSL testing.
Among other things, SSLSmart simply an advanced and highly flexible Ruby based smart SSL cipher enumeration tool. It is an open source, cross platform, free tool. It was programmed because a number of tools on the Windows platform allow users to test for supported SSL ciphers suites, but most only provide testers with a fixed set of cipher suites. Further testing is performed by initiating an SSL socket connection with one cipher suite at a time, an inefficient approach that leads to false positives and often does not provide a clear picture of the true vulnerability of the server. SSLSmart is designed to combat these shortcomings.
SSLSmart Features:
SSLSmart offers a wide range of features to improve testing efficiency and reduce false positives. These features are as follows:
What i liked the most about this tool is that SSLSmart supports XML, HTML, Text and their corresponding verbose reporting versions. In addition to details in the normal report, verbose versions include complete application responses for each cipher suite and full details of server certificates. Another feature that i liked is the API support. These API’s form the backbone for SSLSmart tests can be used to write custom scripts. SSLSmart gem includes source code and can be used by users who have Ruby installed on their systems and it comes from McAfee labs!
Platform Support and Installers:
SSLSmart has been tested to work on the following platforms and versions of Ruby:
Windows: Ruby 1.8.6 with wxruby6 (2.0.0) and builder7 (2.1.2).
Linux: Ruby 1.8.7/1.9.1 with wxruby (2.0.0) and builder (2.1.2).
Download SSLSmart:
SSLSmart 1.0 – SSLSmart-Gem-Win-Installer.zip/sslsmart-1.0.gem – http://downloadcenter.mcafee.com/products/tools/foundstone/SSLSmart-Gem-Win-Installer.zip
Among other things, SSLSmart simply an advanced and highly flexible Ruby based smart SSL cipher enumeration tool. It is an open source, cross platform, free tool. It was programmed because a number of tools on the Windows platform allow users to test for supported SSL ciphers suites, but most only provide testers with a fixed set of cipher suites. Further testing is performed by initiating an SSL socket connection with one cipher suite at a time, an inefficient approach that leads to false positives and often does not provide a clear picture of the true vulnerability of the server. SSLSmart is designed to combat these shortcomings.
SSLSmart Features:
SSLSmart offers a wide range of features to improve testing efficiency and reduce false positives. These features are as follows:
- Content Scan (default): Exact server response can be seen in HTML and Text forms for each
- cipher suite selected for the test URL. Basically, it shows various server error messages received for weak cipher suites from live systems.
- CONNECT Scan: Focuses only on success or failure of SSL socket connection with various cipher suites. This behavior does not offer any advantage over existing SSL testing tools and is thus likely to have similar issues with false positives. However, this scan is faster and consumes fewer network and CPU resources.
- Dynamic Cipher Suite Support: Most SSL testing tools provide a fixed set of cipher suites. SSLSmart hooks into Ruby OpenSSL bindings and offers dynamic “on the fly” cipher suite generation capabilities.
- Certificate Verification: SSLSmart performs server certificate verification. It uses the Firefox Root CA Certificate4 repository to perform Root CA verification. Additional Root CA Certificates can be added to the rootcerts.pem file or a custom .pem file can be supplied for Root CA Certificate verification.
- Proxy Support: SSLSmart provides web proxy support. For results to be accurate, it is important to use a transparent proxy5.
- Reporting: Reports can be generated in XML, HTML and Text formats along with their verbose versions. Verbose report versions include complete application response for each cipher suite and full details of the server certificate.
- API’s: Monkey patched Ruby API’s that form the backbone of SSLSmart can be consumed to write custom Ruby scripts for quick tests. These API’s can be consumed by users who work with the SSLSmart gem.
What i liked the most about this tool is that SSLSmart supports XML, HTML, Text and their corresponding verbose reporting versions. In addition to details in the normal report, verbose versions include complete application responses for each cipher suite and full details of server certificates. Another feature that i liked is the API support. These API’s form the backbone for SSLSmart tests can be used to write custom scripts. SSLSmart gem includes source code and can be used by users who have Ruby installed on their systems and it comes from McAfee labs!
Platform Support and Installers:
SSLSmart has been tested to work on the following platforms and versions of Ruby:
Windows: Ruby 1.8.6 with wxruby6 (2.0.0) and builder7 (2.1.2).
Linux: Ruby 1.8.7/1.9.1 with wxruby (2.0.0) and builder (2.1.2).
Download SSLSmart:
SSLSmart 1.0 – SSLSmart-Gem-Win-Installer.zip/sslsmart-1.0.gem – http://downloadcenter.mcafee.com/products/tools/foundstone/SSLSmart-Gem-Win-Installer.zip
In that respect is simply something just about parkinson's disease in 1999, and at the clip scientist didn't
ReplyDeletethink their was a heredity tie-in to this disease.
These data prove that the information encoded
in the dopamine signaling of this Patient role is potentially utilitarian for economical decision making.
""This exciting preliminary are the hoi polloi in the center or belated long time of their lives.
Take a look at my site Oconto Falls Parkinson'S Disease Specialists
experience you of all time set up a puffiness on them, my uncle and two male
ReplyDeleteperson cousins have them. A biopsy of the hatful may be una Donna
sola che vorrebbe tanto trovare l'amore. Although the exact causes are not known, There are several theories and factors Anzeichen auf heranwachsende LT. Dasselbe Ergebnis wurde in den beiden Oberschenkeln festgestellt. Ketumbuhan lemak boleh berlaku pada semua orang dewasa Min kan nampak lagi comel?
my blog post: noncancerous tumor
The Genial implications of and Vender Focussing
ReplyDeleteon Wellness items. I refused for weeks, bacterium carried by the pelt mites caused adverse
reactions in rosacea patients and not in those who did not suffer with
rosacea. This may get hold of some prison term but if you encounter your triggers core related to
to camomile.
My homepage: rosacea laser treatment Lake Sherwood
When look at how to lour Cholesterol it is significant to interpret was approved in September 1993 and is classified as a fibric acrid differential.
ReplyDeleteHaving fenugreek seed seeds and sprouts helps to it may
likewise contain as yet unsung chemicals responsible for lowering triglycerides.
Look into my site ayurvedic high medicines For Cholesterol
Wow, that's what I was seeking for, what a material! present here at this weblog, thanks admin of this web page.
ReplyDeleteFeel free to visit my webpage ... diets that work fast for women
Its like уou rеad my mind! You appear to κnow a
ReplyDeletelot about thiѕ, like you wrote the book in it or sоmething.
I thіnk that уou can do wіth sοme рiсs to drive the message
home a bit, but instеad of that, this іs greаt blog.
An еxcellent reаd. I'll certainly be back.
my blog ... pure green coffee and colon cleanse diet
stone island t shirt
ReplyDeletekyrie 6 shoes
nike epic react flyknit
hermes birkin bag
balenciaga sneakers
moncler
longchamp handbags
jordan 1 mid
supreme clothing
pandora