Skip to content
O-Saft - OWASP SSL advanced forensic tool
Perl Tcl Makefile Shell Dockerfile Awk Other
Branch: master
Clone or download

README

 /~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-.
                                                          Version: 19.01.19  )
        O-Saft  - OWASP SSL advanced forensic tool                          (
	                                                                     )
 /~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-/
(
 )  DESCRIPTION
(       This tools lists  information about remote target's  SSL  certificate
 )      and tests the remote target according given list of ciphers.
(
 )  UNIQUE FEATURES
(   ===============
 )  ### * working in closed environments, i.e. without internet connection
(   ### * checking availability of ciphers independent of installed library
 )  ### * checking for all possible ciphers (up to 65535 per SSL protocol)
(   ### * needs just perl without modules for checking ciphers and protocols
 )  ### * mainly same results on all platforms
(
 )  WHY?
(       Why a new tool for checking SSL  when there already exist a dozens or
 )      more good tools in 2012? Some (but not all) reasons are:
(       * lack of tests of unusual ciphers
 )      * different results returned for the same check on same target
(       * missing functionality (checks) according modern SSL/TLS
 )      * lack of tests of unusual (SSL, certificate) configurations
(       * (mainly) missing feasability to add own tests
 )
(       For more details, please use
 )        o-saft.pl --help
(       or read the source ;-)
 )
(   TARGET AUDIENCE
 )      * penetration testers
(       * administrators
 )
(   INSTALLATION
 )      o-saft.pl requires following Perl modules:
(          Net::SSLeay          (prefered >= 1.51, recommended 1.85)
 )         IO::Socket::SSL      (prefered >= 1.37, recommended 2.002)
(          IO::Socket::INET     (prefered >= 1.31)
 )         Net::DNS             (prefered >= 0.65, for --mx option only)
(
 )      O-Saft  can be executed from within the unpacked or cloned directory,
(       installation is not necessary. However, a  INSTALL.sh  script will be
 )      provided, which can be called as follows:
(          INSTALL.sh
 )         INSTALL.sh --clean
(          INSTALL.sh --check
 )         INSTALL.sh --n /path/to/install --force
(          INSTALL.sh     /path/to/install --force
 )
(       There're no dependencies to other perl modules for checkAllCiphers.pl
 )      so the test of all ciphers (aka +cipherall) will work with it.
(       The modules Net::SSLinfo, Net::SSLhello are part of O-Saft and should
 )      be installed in ./Net .
(
 )
(       Following files are optional:
 )          .o-saft.pl           (private user configuration)
(           o-saft-dbx.pm        (for debugging, tracing)
 )          o-saft-usr.pm        (private functions, some kind of API)
(           o-saft-man.pm        (documentation and generation functions)
 )          o-saft.pod           (documentation in POD format)
(           checkAllCiphers.pl   (simple script for +cipherall option)
 )          .o-saft.tcl          (private user configuration for GUI)
(           o-saft-img.tcl       (images for buttons in GUI)
 )          contrib/*            (additional programs and tools)
(
 )  QUICK START
(       o-saft.pl --help
 )      o-saft.pl +check your.tld
(       o-saft.pl +info  your.tld
 )      o-saft.pl +quick your.tld
(       o-saft.pl +cipher    your.tld
 )      o-saft.pl +cipherall your.tld
(       o-saft.pl --help=commands
 )
(       o-saft.tcl      (simple GUI; requires Tcl/Tk 8.5 or newer)
 )
(       o-saft-docker   (simple wrapper to call o-saft.pl in docker image)
 )
(       Project home is https://www.owasp.org/index.php/O-Saft
 )      Project roadmap https://www.owasp.org/index.php/Projects/O-Saft/Roadmap
(
 )      Historic Project home https://www.owasp.org/index.php/Projects/O-Saft
(
 )  Get a Copy (latest stable release)
(       wget https://github.com/OWASP/O-Saft/raw/master/o-saft.tgz
 )
(   Get a Copy (development version)
 )      git clone https://github.com/OWASP/O-Saft.git
(       git clone git@github.com:OWASP/O-Saft.git
 )
(   Get Docker Image (latest stable release)
 )      docker pull owasp/o-saft
(
 )  VERSION
(       The version of the tarball  o-saft.tgz  represents the version listed
 )      on top herein. All other files in the repository may be ahead of this
(       (tarball) version.
 )
(       SHA256 checksum of o-saft.tgz
 )           29d4faa2ed3025ed18d31175e868d6be9312b36ba486c6e5f305afeb34947f68
(
 )      SHA256 checksum of owasp/o-saft:latest and owasp/o-saft:18.11.18
(            b85423d142c186c1cf10494aa0e993f6f2030ab769977aca9584d7d650421697
 )
(       NOTE that the checksums listed here are the previous versions if this
 )      file is from  o-saft.tgz  itself, or inside the docker image.
(
 \_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-/
You can’t perform that action at this time.