The wolfSSL embedded SSL library (formerly CyaSSL) is a lightweight SSL/TLS library written in ANSI C and targeted for embedded, RTOS, and resource-constrained environments - primarily because of its small size, speed, and feature set. It is commonly used in standard operating environments as well because of its royalty-free pricing and excellent cross platform support.
wolfSSL supports industry standards up to the current TLS 1.3 and DTLS 1.2 levels, is up to 20 times smaller than OpenSSL, and offers progressive ciphers such as ChaCha20, Curve25519, NTRU, and Blake2b. User benchmarking and feedback reports dramatically better performance when using wolfSSL over OpenSSL.
Tags | ssl tls cryptography embedded security cipher-suites openssl openssl-library openssl-alternvative tls13 dtls sgx-enclave tls-library trusted-execution https docker decryption iot-security |
Implementation | C |
License | GPLv2 |
Platform | Windows Linux |
MesaLink is a memory-safe and OpenSSL-compatible TLS library. Since 2014, the industry has seen a huge impact and loss due to memory vulnerabilities in TLS stacks; such as the infamous "Heartbleed" bug. MesaLink is born with the goal of eradicating memory vulnerabilities in TLS stacks; and it is written in Rust, a programming language that guarantees memory safety. This significantly reduces the attack surfaces; which further facilitates auditing and restricting the remaining attack surfaces. MesaLink is cross-platform and provides OpenSSL-compatible APIs. It works seamlessly in desktop, mobile, and IoT devices. With the growth of the ecosystem, MesaLink would also be adopted in the server environment in the future. To get better functionality along with strong security guarantees, MesaLink follows the following rules-of-thumb for hybrid memory-safe architecture designing proposed by the Rust SGX SDK project.
tls openssl securitySSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. It is intended to be useful for network forensics, application security analysis and penetration testing. SSLsplit is designed to transparently terminate connections that are redirected to it using a network address translation engine. SSLsplit then terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted.
tls ssl http https nat sni transparent-proxy starttls sslsplit tls-interception man-in-the-middle mitmThe OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.
ssl tls cryptography securityTLS/SSL and crypto library
cryptography openssl encryption tls ssl decryptionOpenSSL is the most powerful SSL and TLS library available which wraps a full cryptographic library. The library is written in pure C and due to its endless size and not-so-well-designed C interface it is very hard for beginners to step into it. The aim of the MIHCrypto library is to provide an object-oriented interface which allows developers to write simple and clean code by still using the power of the OpenSSL libCrypto library. OpenSSL is a very large library so (yet) not the whole library is wrapped by MIHCrypto. Since I am developing the library because personal needs focus of the functionallity is on modern cryptographic apporaches, but everybody is welcome to contribute other parts to the library.
Note: The Python Cryptographic Authority strongly suggests the use of pyca/cryptography where possible. If you are using pyOpenSSL for anything other than making a TLS connection you should move to cryptography and drop your pyOpenSSL dependency. ... and much more.
cryptography openssl tls ssltestssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws. Or help yourself downloading the ZIP archive https://github.com/drwetter/testssl.sh/archive/2.9dev.zip. testssl.sh --help will give you some help upfront. More help: see doc directory with man pages. Older sample runs are at https://testssl.sh/.
tls cipher openssl logjam socket hpkp ct hsts bigip caa freak drown heartbleed rc4 ocsp ticketbleed crime poodle sslCipherscan tests the ordering of the SSL/TLS ciphers on a given target, for all major versions of SSL and TLS. It also extracts some certificates informations, TLS options, OCSP stapling and more. Cipherscan is a wrapper above the openssl s_client command line.Cipherscan is meant to run on all flavors of unix. It ships with its own built of OpenSSL for Linux/64 and Darwin/64. On other platform, it will use the openssl version provided by the operating system (which may have limited ciphers support), or your own version provided in the -o command line flag.
Fast and powerful SSL/TLS server scanning library for Python 2.7 and 3.4+. SSLyze is a Python library and a CLI tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL/TLS servers.
ssl scans ssllabs library tls security tls13Rustls is a modern TLS library written in Rust. It's pronounced 'rustles'. It uses ring for cryptography and libwebpki for certificate verification. It aims to provide a good level of cryptographic security, requires no configuration to achieve that security, and provides no unsafe features or obsolete cryptography.
tls cryptography ssl security rsaRustls is a modern TLS library written in Rust. It uses ring for cryptography and libwebpki for certificate verification. Rustls aims to provide a good level of cryptographic security, requires no configuration to achieve that security, and provides no unsafe features or obsolete cryptography.
tls ssl cryptography securityBoringSSL is a fork of OpenSSL that is designed to meet Google's needs. BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google's product portfolio became more complex, more copies of OpenSSL sprung up and the effort involved in maintaining all these patches in multiple places was growing steadily.
ssl openssl secure-socket cryptographyBotan (Japanese for peony) is a cryptography library written in C++11. Botan's goal is to be the best option for cryptography in new C++ code by offering the tools necessary to implement a range of practical systems, such as TLS/DTLS, PKIX certificate handling, PKCS#11 and TPM hardware support, password hashing, and post quantum crypto schemes. In addition to the C++, botan has a C89 API specifically designed to be easy to call from other languages. A Python binding using ctypes is included, and several other language bindings are available.
cryptography crypto security pgp ssl secure-libraryBee2evp is a cryptographic library which encapsulates Bee2 into OpenSSL. Bee2evp provides cryptographic services using the EVP interface. Bee2evp is organized as an OpenSSL engine.
openssl ssl cryptography openssl-librarys2n is a C99 implementation of the TLS/SSL protocols that is designed to be simple, small, fast, and with security as a priority. s2n implements SSLv3, TLS1.0, TLS1.1, and TLS1.2. For encryption, s2n supports 128-bit and 256-bit AES, in the CBC and GCM modes, 3DES, and RC4. For forward secrecy, s2n supports both DHE and ECDHE.
ssl tls ssl-library security cryptographyA TLS terminator for superheroes.Bud is implemented fully in C, with the exception to the tests which are running on node.js. The networking level is provided by libuv, and the SSL implementation by OpenSSL 1.0.2h.
bud tls opensslTLS is an OpenSSL / RSA-bsafe Tcl extension that provides secure connections on top of the Tcl socket mechanism. Within a few lines of code, users can query https servers (see the tclhttpd project for an https server using TLS).
Nogotofail is a network security testing tool designed to help developers and security researchers spot and fix weak TLS/SSL connections and sensitive cleartext traffic on devices and applications in a flexible, scalable, powerful way. It includes testing for common SSL certificate verification issues, HTTPS and TLS/SSL library bugs, SSL and STARTTLS stripping issues, cleartext issues, and more.
penetration-testing pentesting vulnerability-scanner testing-tool security-testing network-testingDownload PolarSSL PolarSSL is an SSL library written in ANSI C. PolarSSL makes it easy for developers to include cryptographic and SSL/TLS capabilities in their (embedded) products with as little hassle as possible. It is designed to be readable, documented, tested, loosely coupled and portable. It supports Symmetric encryption algorithms, hash algorithms, RSA with PKCS and X.509 certificate, SSL and TLS.
crypto security certificate ssl tlsFuzzer and test suite for TLS (SSLv2, SSLv3, v1.0, v1.1, v1.2, v1.3) implementations. Early alpha version - thus no API stability guarantees.
tlslite-ng tls ssl security-audit security-vulnerability test-framework test-automation testing-tools test-suite tlslite protocol-verifier protocol-tester automation rfc-compliance standard-conformity standards robot drown tls13 tls12
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.