Skip to content
O-Saft - OWASP SSL advanced forensic tool
Perl Makefile Tcl Shell Dockerfile Awk Other
Branch: master
Clone or download
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
Net ED: formal changes Jan 4, 2020
OSaft ED: unused comment removed Jan 10, 2020
contrib EF: silently accept mistyped options Dec 15, 2019
docs ED: mv o-saft.pod docs/o-saft.pod Dec 3, 2019
t EF: most targets generated from LIST.cmd.* variables Jan 11, 2020
.o-saft.pl EF: +pkp_pins renamed to +https_pins Dec 14, 2019
CHANGES VERSION 19.01.19 Jan 20, 2019
Dockerfile EF: build with debian supported Dec 14, 2019
INSTALL.sh VERSION 19.01.19 Jan 20, 2019
LICENSE.md
Makefile ET: Makefile.docker docker added Dec 15, 2019
README VERSION 19.01.19 Jan 20, 2019
checkAllCiphers.pl '--connect-delay=SEC' implemented for checkAllCiphers.pl Jul 15, 2017
o-saft EF: allow -help also; alias for -h Dec 15, 2019
o-saft-dbx.pm ED: formal changes (adapted to o-saft.pl 1.990) Jan 11, 2020
o-saft-docker EF: allow -h and -help for convenience Dec 15, 2019
o-saft-docker-dev BF: corupted date arguments corrected Aug 1, 2019
o-saft-img.tcl EF: docker_status_99x29_magenta.png added Dec 15, 2019
o-saft-man.pm ED: formal changes (adapted to o-saft.pl 1.990) Jan 11, 2020
o-saft-usr.pm ED: formal changes Jan 4, 2020
o-saft.cgi BF: checks improved for arguments with/without --host= prefix Jan 9, 2020
o-saft.php EF: force setting --cgi-no-header for o-saft.cgi Nov 12, 2019
o-saft.pl ED: formal changes (some config moved to cfg{out} and cfg{use} Jan 11, 2020
o-saft.tcl ED: formal changes Dec 15, 2019
o-saft.tgz VERSION 19.01.19 Jan 20, 2019
osaft.pm ED: formal changes (some config moved to cfg{out} and cfg{use} Jan 11, 2020

README

 /~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-.
                                                          Version: 19.01.19  )
        O-Saft  - OWASP SSL advanced forensic tool                          (
	                                                                     )
 /~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-/
(
 )  DESCRIPTION
(       This tools lists  information about remote target's  SSL  certificate
 )      and tests the remote target according given list of ciphers.
(
 )  UNIQUE FEATURES
(   ===============
 )  ### * working in closed environments, i.e. without internet connection
(   ### * checking availability of ciphers independent of installed library
 )  ### * checking for all possible ciphers (up to 65535 per SSL protocol)
(   ### * needs just perl without modules for checking ciphers and protocols
 )  ### * mainly same results on all platforms
(
 )  WHY?
(       Why a new tool for checking SSL  when there already exist a dozens or
 )      more good tools in 2012? Some (but not all) reasons are:
(       * lack of tests of unusual ciphers
 )      * different results returned for the same check on same target
(       * missing functionality (checks) according modern SSL/TLS
 )      * lack of tests of unusual (SSL, certificate) configurations
(       * (mainly) missing feasability to add own tests
 )
(       For more details, please use
 )        o-saft.pl --help
(       or read the source ;-)
 )
(   TARGET AUDIENCE
 )      * penetration testers
(       * administrators
 )
(   INSTALLATION
 )      o-saft.pl requires following Perl modules:
(          Net::SSLeay          (prefered >= 1.51, recommended 1.85)
 )         IO::Socket::SSL      (prefered >= 1.37, recommended 2.002)
(          IO::Socket::INET     (prefered >= 1.31)
 )         Net::DNS             (prefered >= 0.65, for --mx option only)
(
 )      O-Saft  can be executed from within the unpacked or cloned directory,
(       installation is not necessary. However, a  INSTALL.sh  script will be
 )      provided, which can be called as follows:
(          INSTALL.sh
 )         INSTALL.sh --clean
(          INSTALL.sh --check
 )         INSTALL.sh --n /path/to/install --force
(          INSTALL.sh     /path/to/install --force
 )
(       There're no dependencies to other perl modules for checkAllCiphers.pl
 )      so the test of all ciphers (aka +cipherall) will work with it.
(       The modules Net::SSLinfo, Net::SSLhello are part of O-Saft and should
 )      be installed in ./Net .
(
 )
(       Following files are optional:
 )          .o-saft.pl           (private user configuration)
(           o-saft-dbx.pm        (for debugging, tracing)
 )          o-saft-usr.pm        (private functions, some kind of API)
(           o-saft-man.pm        (documentation and generation functions)
 )          o-saft.pod           (documentation in POD format)
(           checkAllCiphers.pl   (simple script for +cipherall option)
 )          .o-saft.tcl          (private user configuration for GUI)
(           o-saft-img.tcl       (images for buttons in GUI)
 )          contrib/*            (additional programs and tools)
(
 )  QUICK START
(       o-saft.pl --help
 )      o-saft.pl +check your.tld
(       o-saft.pl +info  your.tld
 )      o-saft.pl +quick your.tld
(       o-saft.pl +cipher    your.tld
 )      o-saft.pl +cipherall your.tld
(       o-saft.pl --help=commands
 )
(       o-saft.tcl      (simple GUI; requires Tcl/Tk 8.5 or newer)
 )
(       o-saft-docker   (simple wrapper to call o-saft.pl in docker image)
 )
(       Project home is https://www.owasp.org/index.php/O-Saft
 )      Project roadmap https://www.owasp.org/index.php/Projects/O-Saft/Roadmap
(
 )      Historic Project home https://www.owasp.org/index.php/Projects/O-Saft
(
 )  Get a Copy (latest stable release)
(       wget https://github.com/OWASP/O-Saft/raw/master/o-saft.tgz
 )
(   Get a Copy (development version)
 )      git clone https://github.com/OWASP/O-Saft.git
(       git clone git@github.com:OWASP/O-Saft.git
 )
(   Get Docker Image (latest stable release)
 )      docker pull owasp/o-saft
(
 )  VERSION
(       The version of the tarball  o-saft.tgz  represents the version listed
 )      on top herein. All other files in the repository may be ahead of this
(       (tarball) version.
 )
(       SHA256 checksum of o-saft.tgz
 )           29d4faa2ed3025ed18d31175e868d6be9312b36ba486c6e5f305afeb34947f68
(
 )      SHA256 checksum of owasp/o-saft:latest and owasp/o-saft:18.11.18
(            b85423d142c186c1cf10494aa0e993f6f2030ab769977aca9584d7d650421697
 )
(       NOTE that the checksums listed here are the previous versions if this
 )      file is from  o-saft.tgz  itself, or inside the docker image.
(
 \_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-/
You can’t perform that action at this time.