Skip to content
O-Saft - OWASP SSL advanced forensic tool
Branch: master
Clone or download
Latest commit 577a1a1 Jul 22, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
Net BF: get session information from Net::SSLeay (avoid perl warnings) Jul 4, 2019
OSaft BF: extend @inc (for internal use; @inc depends on OS and distribution) Jul 21, 2019
contrib EF: building modules improved Jul 21, 2019
docs docs/o-saft-docker.pdf added Nov 5, 2018
t ET: different "diff" tools Jul 22, 2019
.o-saft.pl EF: sstp added to +check Jul 4, 2019
CHANGES VERSION 19.01.19 Jan 20, 2019
Dockerfile VERSION 19.01.19 Jan 20, 2019
INSTALL.sh VERSION 19.01.19 Jan 20, 2019
LICENSE.md Add LICENSE.md file Jul 27, 2013
Makefile ED: _help_list target improved Jul 4, 2019
README VERSION 19.01.19 Jan 20, 2019
checkAllCiphers.pl '--connect-delay=SEC' implemented for checkAllCiphers.pl Jul 15, 2017
o-saft EF: option +VERSION added Jul 20, 2019
o-saft-dbx.pm ET: formal changes Jul 8, 2019
o-saft-docker docker_usage() improved Nov 9, 2018
o-saft-docker-dev documentation improved Nov 9, 2018
o-saft-img.tcl image STDOUT added Dec 16, 2016
o-saft-man.pm ET: allow --help=* and --test-* for compatibility with other programs Jun 30, 2019
o-saft-usr.pm ED: contains AUTHOR and VERSION Apr 27, 2019
o-saft.cgi EF: deny incomplete IPv4 Jul 20, 2019
o-saft.pl ED: annotation Perl:@inc added Jul 21, 2019
o-saft.pod VERSION 19.01.19 Jan 20, 2019
o-saft.tcl EF: o-saft.pl initially called if +command arguments are given Jul 20, 2019
o-saft.tgz VERSION 19.01.19 Jan 20, 2019
osaft.pm ED: formal changes Jul 11, 2019

README

 /~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-.
                                                          Version: 19.01.19  )
        O-Saft  - OWASP SSL advanced forensic tool                          (
	                                                                     )
 /~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-/
(
 )  DESCRIPTION
(       This tools lists  information about remote target's  SSL  certificate
 )      and tests the remote target according given list of ciphers.
(
 )  UNIQUE FEATURES
(   ===============
 )  ### * working in closed environments, i.e. without internet connection
(   ### * checking availability of ciphers independent of installed library
 )  ### * checking for all possible ciphers (up to 65535 per SSL protocol)
(   ### * needs just perl without modules for checking ciphers and protocols
 )  ### * mainly same results on all platforms
(
 )  WHY?
(       Why a new tool for checking SSL  when there already exist a dozens or
 )      more good tools in 2012? Some (but not all) reasons are:
(       * lack of tests of unusual ciphers
 )      * different results returned for the same check on same target
(       * missing functionality (checks) according modern SSL/TLS
 )      * lack of tests of unusual (SSL, certificate) configurations
(       * (mainly) missing feasability to add own tests
 )
(       For more details, please use
 )        o-saft.pl --help
(       or read the source ;-)
 )
(   TARGET AUDIENCE
 )      * penetration testers
(       * administrators
 )
(   INSTALLATION
 )      o-saft.pl requires following Perl modules:
(          Net::SSLeay          (prefered >= 1.51, recommended 1.85)
 )         IO::Socket::SSL      (prefered >= 1.37, recommended 2.002)
(          IO::Socket::INET     (prefered >= 1.31)
 )         Net::DNS             (prefered >= 0.65, for --mx option only)
(
 )      O-Saft  can be executed from within the unpacked or cloned directory,
(       installation is not necessary. However, a  INSTALL.sh  script will be
 )      provided, which can be called as follows:
(          INSTALL.sh
 )         INSTALL.sh --clean
(          INSTALL.sh --check
 )         INSTALL.sh --n /path/to/install --force
(          INSTALL.sh     /path/to/install --force
 )
(       There're no dependencies to other perl modules for checkAllCiphers.pl
 )      so the test of all ciphers (aka +cipherall) will work with it.
(       The modules Net::SSLinfo, Net::SSLhello are part of O-Saft and should
 )      be installed in ./Net .
(
 )
(       Following files are optional:
 )          .o-saft.pl           (private user configuration)
(           o-saft-dbx.pm        (for debugging, tracing)
 )          o-saft-usr.pm        (private functions, some kind of API)
(           o-saft-man.pm        (documentation and generation functions)
 )          o-saft.pod           (documentation in POD format)
(           checkAllCiphers.pl   (simple script for +cipherall option)
 )          .o-saft.tcl          (private user configuration for GUI)
(           o-saft-img.tcl       (images for buttons in GUI)
 )          contrib/*            (additional programs and tools)
(
 )  QUICK START
(       o-saft.pl --help
 )      o-saft.pl +check your.tld
(       o-saft.pl +info  your.tld
 )      o-saft.pl +quick your.tld
(       o-saft.pl +cipher    your.tld
 )      o-saft.pl +cipherall your.tld
(       o-saft.pl --help=commands
 )
(       o-saft.tcl      (simple GUI; requires Tcl/Tk 8.5 or newer)
 )
(       o-saft-docker   (simple wrapper to call o-saft.pl in docker image)
 )
(       Project home is https://www.owasp.org/index.php/O-Saft
 )      Project roadmap https://www.owasp.org/index.php/Projects/O-Saft/Roadmap
(
 )      Historic Project home https://www.owasp.org/index.php/Projects/O-Saft
(
 )  Get a Copy (latest stable release)
(       wget https://github.com/OWASP/O-Saft/raw/master/o-saft.tgz
 )
(   Get a Copy (development version)
 )      git clone https://github.com/OWASP/O-Saft.git
(       git clone git@github.com:OWASP/O-Saft.git
 )
(   Get Docker Image (latest stable release)
 )      docker pull owasp/o-saft
(
 )  VERSION
(       The version of the tarball  o-saft.tgz  represents the version listed
 )      on top herein. All other files in the repository may be ahead of this
(       (tarball) version.
 )
(       SHA256 checksum of o-saft.tgz
 )           29d4faa2ed3025ed18d31175e868d6be9312b36ba486c6e5f305afeb34947f68
(
 )      SHA256 checksum of owasp/o-saft:latest and owasp/o-saft:18.11.18
(            b85423d142c186c1cf10494aa0e993f6f2030ab769977aca9584d7d650421697
 )
(       NOTE that the checksums listed here are the previous versions if this
 )      file is from  o-saft.tgz  itself, or inside the docker image.
(
 \_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-/
You can’t perform that action at this time.