Skip to content

FHMS-ITS/EAST

main
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 

Email Analysis Toolkit (EAST)

Artifacts for the USENIX paper "Why TLS is better without STARTTLS: A Security Analysis of STARTTLS in the Email Context" (Pre-Print) by Damian Poddebniak¹, Fabian Ising¹, Hanno Böck², and Sebastian Schinzel¹. The Fake Mail Server and the Command Injection Tester were peer-reviewed in the USENIX'21 Call for Artifacts.

¹ Münster University of Applied Sciences, ² Independent Researcher

More information about our STARTTLS research can be found here: https://nostarttls.secvuln.info/

Where is the Code?

This repository is a landing page. Head over to the "Email Analysis Toolkit" organization to find the EAST tooling:

Virtual Machine for Client Testing

In addition to the provided code, we provided a Ubuntu-based VirtualBox VM as a GitHub release to ease client testing. This Virtual Machine contains a nested QEMU Virtual Machine with the Thunderbird Version tested in the paper. For further information, see the GitHub releases.