sslcaudit v1.0 Released
The goal of sslcaudit project is to develop a utility to automate testing SSL/TLS clients for resistance against MITM attacks. It is useful for testing thick clients, mobile applications, appliances, pretty much anything communicating over SSL/TLS over TCP.
The goal of sslcaudit project is to develop a utility to automate testing SSL/TLS clients for resistance against MITM attacks, focusing on flaws exploitable in practice. On the high level sslcaudit tests:
- what server certificates the client trusts enough to establish SSL/TLS connection,
- what flavors of SSL protocol the client supports (coming in sslcaudit v1.1).
Documentation:
More Information: here
Download sslcaudit v1.0