TrustKit - Easy SSL pinning validation and reporting for iOS, macOS, tvOS and watchOS.

  •        100

TrustKit is an open source framework that makes it easy to deploy SSL public key pinning and reporting in any iOS 8+, macOS 10.10+, tvOS 10+ or watchOS 3+ App; it supports both Swift and Objective-C Apps. If you need SSL pinning/reporting in your Android App, we have also released TrustKit for Android at https://github.com/datatheorem/TrustKit-Android.

https://github.com/datatheorem/TrustKit

Related Projects

ssl-kill-switch2 - Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS and OS X Apps

  •    C

Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS and OS X Apps. Second iteration of https://github.com/iSECPartners/ios-ssl-kill-switch . Once loaded into an iOS or OS X App, SSL Kill Switch 2 patches specific low-level SSL functions within the Secure Transport API in order to override and disable the system's default certificate validation as well as any kind of custom certificate validation (such as certificate pinning).

ios-ssl-kill-switch - Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS Apps

  •    Objective-C

Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS Apps. Once installed on a jailbroken device, iOS SSL Kill Switch patches low-level SSL functions within the Secure Transport API, including SSLSetSessionOption() and SSLHandshake() in order to override and disable the system's default certificate validation as well as any kind of custom certificate validation (such as certificate pinning).

Android-SSL-TrustKiller - Bypass SSL certificate pinning for most applications

  •    Java

Blackbox tool to bypass SSL certificate pinning for most applications running on a device. This tool leverages Cydia Substrate to hook various methods in order to bypass certificate pinning by accepting any SSL certificate.

HackingFacebook - Kill Facebook for iOS's SSL Pinning

  •    Objective-C

Bypassing Facebook for iOS's SSL pinning allows us to capture decrypted HTTPS requests sent from Facebook with tools like Charles. This repository shows how to kill the certificate pinning in Facebook for iOS without jailbreaking your device.

SSLUnpinning_Xposed - Android Xposed Module to bypass SSL certificate validation (Certificate Pinning)

  •    Java

Android Xposed Module to bypass SSL certificate validation (Certificate Pinning). If you need to intercept the traffic from an app which uses certificate pinning with a tool like Burp Proxy, SSLUnpinning will help you with this hard work! Through the Xposed Framework, SSLUnpinning makes several hooks in SSL classes to bypass the certificate verifications for one specific app, so that you can then intercept all your traffic.


JustTrustMe - An xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning

  •    Java

An xposed module that disables SSL certificate checking. This is useful for auditing an application which does certificate pinning. There also exists a nice framework built by @moxie to aid in pinning certs in your app: certificate pinning. An example of an application that does cert pinning is Twitter. If you would like to view the network traffic for this application, you must disable the certificate pinning.

PacketSender - Network utility for sending / receiving TCP, UDP, SSL

  •    C++

Packet Sender is an open source utility to allow sending and receiving TCP, UDP, and SSL (encrypted TCP) packets. The mainline branch officially supports Windows, Mac, and Desktop Linux (with Qt). Other places may recompile and redistribute Packet Sender. Packet Sender is free and licensed GPL v2 or later. It can be used for both commercial and personal use. Official releases of Packet Sender can be downloaded at PacketSender.com. Some places redistribute Packet Sender.

PolarSSL library - Crypto and SSL made easy

  •    C

PolarSSL is an SSL library written in ANSI C. PolarSSL makes it easy for developers to include cryptographic and SSL/TLS capabilities in their (embedded) products with as little hassle as possible. It is designed to be readable, documented, tested, loosely coupled and portable. It supports Symmetric encryption algorithms, hash algorithms, RSA with PKCS and X.509 certificate, SSL and TLS.

lua-resty-auto-ssl - On the fly (and free) SSL registration and renewal inside OpenResty/nginx with Let's Encrypt

  •    Perl

On the fly (and free) SSL registration and renewal inside OpenResty/nginx with Let's Encrypt. This uses the ssl_certificate_by_lua functionality in OpenResty 1.9.7.2+.

sslyze - Fast and powerful SSL/TLS server scanning library.

  •    Python

Fast and powerful SSL/TLS server scanning library for Python 2.7 and 3.4+. SSLyze is a Python library and a CLI tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL/TLS servers.

scapy-ssl_tls - SSL/TLS layers for scapy the interactive packet manipulation tool

  •    Python

SSL/TLS layers for scapy, the interactive packet manipulation tool. SSL/TLS and DTLS layers and TLS utility functions for Scapy.

certify - SSL Certificate Manager UI for Windows, powered by Let's Encrypt

  •    CSharp

The SSL/TLS Certificate Management GUI for Windows, powered by Let's Encrypt, allowing you to generate and install free SSL certificates for Windows/IIS (with automated renewal). Advanced users can explore the different validation modes, deployment modes and other advanced options.

Pitaya - 🏇 A Swift HTTP / HTTPS networking library just incidentally execute on machines

  •    Swift

Pitaya is a Swift HTTP / HTTPS networking library for people. Inspired by Alamofire and JustHTTP. Carthage is a decentralized dependency manager that automates the process of adding frameworks to your Cocoa application.

Nogotofail - Network Security Testing Tool

  •    Python

Nogotofail is a network security testing tool designed to help developers and security researchers spot and fix weak TLS/SSL connections and sensitive cleartext traffic on devices and applications in a flexible, scalable, powerful way. It includes testing for common SSL certificate verification issues, HTTPS and TLS/SSL library bugs, SSL and STARTTLS stripping issues, cleartext issues, and more.

s2n - an implementation of the TLS/SSL protocols from Amazon

  •    C

s2n is a C99 implementation of the TLS/SSL protocols that is designed to be simple, small, fast, and with security as a priority. s2n implements SSLv3, TLS1.0, TLS1.1, and TLS1.2. For encryption, s2n supports 128-bit and 256-bit AES, in the CBC and GCM modes, 3DES, and RC4. For forward secrecy, s2n supports both DHE and ECDHE.

django-sslserver - A SSL-enabled development server for Django

  •    Python

Django SSL Server is an SSL-enabled development server for the Django Framework. Please note that this should not be used for production setups. This app is intended for special use-cases. Most people should instead do a proper production deployment where a real webserver such as Apache or NGINX handles SSL.

IRC Mini Stunnel SSL

IRC SSL Tunnel is a utility that automatically intercepts connections with destination port of 994. This allows you to connect to IRC servers using a secure SSL connection (provided that the server supports connecting over SSL on port 994).

SSL-Explorer

  •    Java

SSL-Explorer is a fully-featured, web-based SSL VPN server. This project is no longer actively maintained as the SSL-Explorer technology has now been acquired by Barracuda Networks, Inc.

rack-ssl-enforcer - A simple Rack middleware to enforce ssl connections

  •    Ruby

Rack::SslEnforcer is a simple Rack middleware to enforce SSL connections. As of Version 0.2.0, Rack::SslEnforcer marks Cookies as secure by default (HSTS must be set manually). Tested against Ruby 1.8.7, 1.9.2, 1.9.3, 2.0.0, 2.1.10, 2.2.7, 2.3.4, 2.4.1, ruby-head, REE and the latest versions of Rubinius & JRuby.