This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Projects/O-Saft"
From OWASP
(Created page with "{{Template:Project About | project_name =O-Saft | project_home_page =O-Saft | project_description =This tools lists information about remote target's SSL certificate and tests...") |
(outdated page, see /O-Saft) |
||
(22 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
+ | [[Category:OWASP Project]] | ||
+ | [[Category:OWASP Tool]] | ||
+ | [[Category:OWASP Download]] | ||
+ | <br> | ||
+ | |||
+ | {{outdated page, please see:}} [[O-Saft]] | ||
+ | |||
+ | |||
+ | {{OWASP Defenders}} | ||
+ | |||
{{Template:Project About | {{Template:Project About | ||
− | | project_name =O-Saft | + | | project_name = '''O-Saft - OWASP SSL audit for testers / OWASP SSL advanced forensic tool''' |
| project_home_page =O-Saft | | project_home_page =O-Saft | ||
| project_description =This tools lists information about remote target's SSL certificate and tests the remote target's SSL connection according given list of ciphers and various SSL configurations. | | project_description =This tools lists information about remote target's SSL certificate and tests the remote target's SSL connection according given list of ciphers and various SSL configurations. | ||
+ | ;O-Saft :The main idea is to have a tool which works on common platforms and can simply be automated. | ||
+ | ;In a Nutshell: | ||
+ | :* show SSL connection details | ||
+ | :* show certificate details | ||
+ | :* check for supported ciphers | ||
+ | :* check for ciphers provided in your own libssl.so and libcrypt.so | ||
+ | :* check for special HTTP(S) support (like SNI, HSTS, certificate pinning) | ||
+ | :* check for protections against attacks (BEAST, CRIME, RC4 Bias, ...) | ||
+ | :* may check for a single attribute | ||
+ | :* may check multiple targets at once | ||
+ | :* can be scripted (headless or as CGI) | ||
+ | :* should work on any platform (just needs perl, openssl optional) | ||
+ | :* scoring for all checks (still to be improved in many ways ;-) | ||
+ | :* output format can be customized | ||
+ | :* various trace and debug options to hunt unusual connection problems | ||
+ | |||
+ | ;Installation | ||
+ | : * Download and unpack ''o-saft.tgz'' | ||
+ | : * Ensure that following perl modules (and their dependencies) are installed | ||
+ | : <nowiki>     </nowiki> ''IO::Socket::INET'', ''IO::Socket::SSL'', ''Net::SSLeay'' | ||
+ | : * Start: ''o-saft --help'' | ||
+ | |||
| project_license = GPL v2 | | project_license = GPL v2 | ||
− | | leader_name1 = Achim | + | | leader_name1 = [[User:Achim|Achim]] |
| leader_email1 = [email protected] | | leader_email1 = [email protected] | ||
| mailing_list_name = https://lists.owasp.org/mailman/listinfo/o-saft | | mailing_list_name = https://lists.owasp.org/mailman/listinfo/o-saft | ||
| project_road_map = https://www.owasp.org/index.php/Projects/O-Saft/Roadmap | | project_road_map = https://www.owasp.org/index.php/Projects/O-Saft/Roadmap | ||
+ | | links_url1 = http://github.com/OWASP/O-Saft | ||
+ | | links_name1 = Repository https://github.com/OWASP/O-Saft | ||
+ | | links_url2 = https://github.com/OWASP/O-Saft/raw/master/o-saft.tgz | ||
+ | | links_name2 = Tarball o-saft.tgz | ||
}} | }} | ||
+ | {{Template:OWASP_Release_Info | ||
+ | | current_release_name = O-Saft 14.1.4 | ||
+ | | current_release_date = 01/2014 | ||
+ | | current_release_download_link = https://github.com/OWASP/O-Saft/raw/master/o-saft.tgz | ||
+ | | current_release_leader_name = [[User:Achim|Achim]] | ||
+ | | current_release_leader_email = [email protected] | ||
+ | }} | ||
+ | <!-- removed from above template | ||
+ | | current_release_details = https://github.com/OWASP/O-Saft <nowiki> (most checks implemented, rudimentary scoring) </nowiki> | ||
+ | --> | ||
+ | |||
+ | <!-- following does not update "REALEASE(S) INFO" in top right of page: | ||
+ | {{Template:Releases Summary | project_name = O-Saft }} | ||
+ | {{Template:Release | ||
+ | | release_name = O-Saft 14.1.4 | ||
+ | | release_date = 01/2014 | ||
+ | | download_link = https://github.com/OWASP/O-Saft/raw/master/o-saft.tgz | ||
+ | }} | ||
+ | --> |
Latest revision as of 09:05, 20 February 2014
Template:Outdated page, please see: O-Saft
This project is part of the OWASP Defenders community. Feel free to browse other projects within the Defenders, Builders, and Breakers communities. |
PROJECT INFO What does this OWASP project offer you? |
RELEASE(S) INFO What releases are available for this project? | |||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
current release | |
---|---|
O-Saft 14.1.4 - 01/2014 - (download)
Release details: N/A : Rating: Not Reviewed
|