ssl-auditssl-audit - Find weak rsa/dsa keys as they are produced by corrupt Debian OpenSSL packages | |
Download |
ssl-audit Ranking & Summary
Advertisement
- License:
- GPL
- Price:
- FREE
- Publisher Name:
- Hartmut Goebel
- Publisher web site:
- http://ssl-audit.origo.ethz.ch/
- Operating Systems:
- Mac OS X
- File Size:
- 46 KB
ssl-audit Tags
ssl-audit Description
ssl-audit - Find weak rsa/dsa keys as they are produced by corrupt Debian OpenSSL packages ssl-audit helps finding weak rsa/dsa keys as they are produced by corrupt Debian OpenSSL packages. Since this problem may affect other platforms indirectly, ssl-audit supports Mac OS X and Windows, too.ssl-audit is heavily inspired by dowkd.pl by Florian Weimer. Unfortunately this has some major drawbacks: it is tailored towards a typical Unix/Linux environment, per default only scans according to Debian/Linux directory structure, and does not support other platform types like Windows.Here are some key features of "ssl audit":· Platform independent: available for Unix, Windows and Mac OSX· Does not requires other tools like openssl or ssh to be installed.· Supported Keytypes: X.509/SSL Certificates, Certificate Signing Requests (CSR), Private Keys (PEM), SSH user identities (user keys), host keys, known-hosts files, OpenVPN private key files· Supports scanning local files.· Blacklists are documented on a separate page.· Keys and certificates are read directly.· Prepared for other sources: other filetypes, Windows registry, a SSL/TLS connection,· Much smaller blacklist, since we use a single fingerprinting algorithm independent of the key source. (This has to be researched).
ssl-audit Related Software