This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Projects/O-Saft"
From OWASP
(purpose improved) |
(outdated page, see /O-Saft) |
||
| (6 intermediate revisions by the same user not shown) | |||
| Line 2: | Line 2: | ||
[[Category:OWASP Tool]] | [[Category:OWASP Tool]] | ||
[[Category:OWASP Download]] | [[Category:OWASP Download]] | ||
| + | <br> | ||
| + | |||
| + | {{outdated page, please see:}} [[O-Saft]] | ||
| + | |||
| + | |||
{{OWASP Defenders}} | {{OWASP Defenders}} | ||
{{Template:Project About | {{Template:Project About | ||
| − | | project_name =O-Saft | + | | project_name = '''O-Saft - OWASP SSL audit for testers / OWASP SSL advanced forensic tool''' |
| project_home_page =O-Saft | | project_home_page =O-Saft | ||
| project_description =This tools lists information about remote target's SSL certificate and tests the remote target's SSL connection according given list of ciphers and various SSL configurations. | | project_description =This tools lists information about remote target's SSL certificate and tests the remote target's SSL connection according given list of ciphers and various SSL configurations. | ||
| − | ;O-Saft | + | ;O-Saft :The main idea is to have a tool which works on common platforms and can simply be automated. |
| − | :The main idea is to have a tool which works on common platforms and can simply be automated. | ||
;In a Nutshell: | ;In a Nutshell: | ||
:* show SSL connection details | :* show SSL connection details | ||
| Line 16: | Line 20: | ||
:* check for ciphers provided in your own libssl.so and libcrypt.so | :* check for ciphers provided in your own libssl.so and libcrypt.so | ||
:* check for special HTTP(S) support (like SNI, HSTS, certificate pinning) | :* check for special HTTP(S) support (like SNI, HSTS, certificate pinning) | ||
| + | :* check for protections against attacks (BEAST, CRIME, RC4 Bias, ...) | ||
:* may check for a single attribute | :* may check for a single attribute | ||
:* may check multiple targets at once | :* may check multiple targets at once | ||
| Line 21: | Line 26: | ||
:* should work on any platform (just needs perl, openssl optional) | :* should work on any platform (just needs perl, openssl optional) | ||
:* scoring for all checks (still to be improved in many ways ;-) | :* scoring for all checks (still to be improved in many ways ;-) | ||
| − | :* output format can be | + | :* output format can be customized |
:* various trace and debug options to hunt unusual connection problems | :* various trace and debug options to hunt unusual connection problems | ||
| + | |||
| + | ;Installation | ||
| + | : * Download and unpack ''o-saft.tgz'' | ||
| + | : * Ensure that following perl modules (and their dependencies) are installed | ||
| + | : <nowiki>     </nowiki> ''IO::Socket::INET'', ''IO::Socket::SSL'', ''Net::SSLeay'' | ||
| + | : * Start: ''o-saft --help'' | ||
| project_license = GPL v2 | | project_license = GPL v2 | ||
| Line 32: | Line 43: | ||
| links_name1 = Repository https://github.com/OWASP/O-Saft | | links_name1 = Repository https://github.com/OWASP/O-Saft | ||
| links_url2 = https://github.com/OWASP/O-Saft/raw/master/o-saft.tgz | | links_url2 = https://github.com/OWASP/O-Saft/raw/master/o-saft.tgz | ||
| − | | links_name2 = | + | | links_name2 = Tarball o-saft.tgz |
}} | }} | ||
{{Template:OWASP_Release_Info | {{Template:OWASP_Release_Info | ||
| − | | current_release_name = O-Saft | + | | current_release_name = O-Saft 14.1.4 |
| − | | current_release_date = | + | | current_release_date = 01/2014 |
| current_release_download_link = https://github.com/OWASP/O-Saft/raw/master/o-saft.tgz | | current_release_download_link = https://github.com/OWASP/O-Saft/raw/master/o-saft.tgz | ||
| current_release_leader_name = [[User:Achim|Achim]] | | current_release_leader_name = [[User:Achim|Achim]] | ||
| Line 48: | Line 59: | ||
{{Template:Releases Summary | project_name = O-Saft }} | {{Template:Releases Summary | project_name = O-Saft }} | ||
{{Template:Release | {{Template:Release | ||
| − | | release_name = O-Saft | + | | release_name = O-Saft 14.1.4 |
| − | | release_date = | + | | release_date = 01/2014 |
| download_link = https://github.com/OWASP/O-Saft/raw/master/o-saft.tgz | | download_link = https://github.com/OWASP/O-Saft/raw/master/o-saft.tgz | ||
}} | }} | ||
--> | --> | ||
Latest revision as of 09:05, 20 February 2014
Template:Outdated page, please see: O-Saft
|
This project is part of the OWASP Defenders community. Feel free to browse other projects within the Defenders, Builders, and Breakers communities. |
| PROJECT INFO What does this OWASP project offer you? |
RELEASE(S) INFO What releases are available for this project? | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
| |||||||||||||||||||||||||||||||||||||
| current release | |
|---|---|
| O-Saft 14.1.4 - 01/2014 - (download)
Release details: N/A : Rating:
| |
