Displaying 1 to 20 from 187 results

acme - :lock: acmetool, an automatic certificate acquisition tool for ACME (Let's Encrypt)

  •    Go

acmetool is an easy-to-use command line tool for automatically acquiring certificates from ACME servers (such as Let's Encrypt). Designed to flexibly integrate into your webserver setup to enable automatic verification. Unlike the official Let's Encrypt client, this doesn't modify your web server configuration.You can perform verifications using port 80 or 443 (if you don't yet have a server running on one of them); via webroot; by configuring your webserver to proxy requests for /.well-known/acme-challenge/ to a special port (402) which acmetool can listen on; or by configuring your webserver not to listen on port 80, and instead running acmetool's built in HTTPS redirector (and challenge responder) on port 80. This is useful if all you want to do with port 80 is redirect people to port 443.

fenix - A simple and visual static web server with collaboration features.

  •    Javascript

Fenix is a desktop web server for developers. Check out fenixwebserver.com for details. There's also a companion command line app. There are some YouTube videos available as well.Fenix 3 is currently in developer preview (macOS). Windows versions are nearly complete.




sites-using-cloudflare - :broken_heart: Archived list of domains using Cloudflare DNS at the time of the CloudBleed announcement

  •    

This is an (archived) list of sites on Cloudflare DNS at the time of the CloudBleed HTTPS traffic leak announcement. Original vuln thread by Google Project Zero.This list is archived and no longer under active maintenance. It may contain stale or inaccurate data that will not be corrected. Do not link to it from press releases, it is not intended for end-users. If people want to find it, they can Google it.

OpenSSL - Toolkit for SSL and TLS

  •    C

The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.

Kitura - A Swift web framework and HTTP server.

  •    Swift

Kitura is a web framework and web server that is created for web services written in Swift. For more information, visit www.kitura.io. Visit www.kitura.io for a Getting Started guide, tutorials, and API reference documentation.

PacketSender - Network utility for sending / receiving TCP, UDP, SSL

  •    C++

Packet Sender is an open source utility to allow sending and receiving TCP, UDP, and SSL (encrypted TCP) packets. The mainline branch officially supports Windows, Mac, and Desktop Linux (with Qt). Other places may recompile and redistribute Packet Sender. Packet Sender is free and licensed GPL v2 or later. It can be used for both commercial and personal use. Official releases of Packet Sender can be downloaded at PacketSender.com. Some places redistribute Packet Sender.


docker-mailserver - A fullstack but simple mailserver (smtp, imap, antispam, antivirus, ssl

  •    Shell

A fullstack but simple mail server (smtp, imap, antispam, antivirus...). Only configuration files, no SQL database. Keep it simple and versioned. Easy to deploy and upgrade. Before you open an issue, please have a look this README, the Wiki and Postfix/Dovecot documentation.

lua-resty-auto-ssl - On the fly (and free) SSL registration and renewal inside OpenResty/nginx with Let's Encrypt

  •    Perl

On the fly (and free) SSL registration and renewal inside OpenResty/nginx with Let's Encrypt. This uses the ssl_certificate_by_lua functionality in OpenResty 1.9.7.2+.

ssl-kill-switch2 - Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS and OS X Apps

  •    C

Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS and OS X Apps. Second iteration of https://github.com/iSECPartners/ios-ssl-kill-switch . Once loaded into an iOS or OS X App, SSL Kill Switch 2 patches specific low-level SSL functions within the Secure Transport API in order to override, and disable the system's default certificate validation as well as any kind of custom certificate validation (such as certificate pinning).

sslyze - Fast and powerful SSL/TLS server scanning library.

  •    Python

Fast and powerful SSL/TLS server scanning library for Python 2.7 and 3.4+. SSLyze is a Python library and a CLI tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL/TLS servers.

KeyBox - Web-based SSH console that centrally manages administrative access to systems

  •    Java

KeyBox is an open-source web-based SSH console that centrally manages administrative access to systems. Web-based administration is combined with management and distribution of user's public SSH keys. Key management and administration is based on profiles assigned to defined users. KeyBox layers TLS/SSL on top of SSH and acts as a bastion host for administration. Protocols are stacked (TLS/SSL + SSH) so infrastructure cannot be exposed through tunneling / port forwarding.

auto-sni - 🔐 Free, automated HTTPS for NodeJS made easy.

  •    Javascript

If you have any questions, throw them up on gitter. AutoSNI requires access to low level ports 80 (http) and 443 (https) to operate by default. These ports are typically restricted by the operating system.

badssl.com - :lock: Memorable site for testing clients against bad SSL configs.

  •    HTML

Stock Ubuntu VM, DNS A records for badssl.com. and *.badssl.com. pointing to the VM. Follow the instructions to install Docker.

beast - HTTP and WebSocket built on Boost.Asio in C++11

  •    C++

Beast is a C++ header-only library serving as a foundation for writing interoperable networking libraries by providing low-level HTTP/1, WebSocket, and networking protocol vocabulary types and algorithms using the consistent asynchronous model of Boost.Asio. Symmetry: Algorithms are role-agnostic; build clients, servers, or both.

mitmproxy - Intercept HTTP traffic for penetration testing

  •    Python

mitmproxy is an interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers. mitmproxy is an interactive, SSL-capable intercepting proxy with a console interface. mitmdump is the command-line version of mitmproxy. Think tcpdump for HTTP. mitmweb is a web-based interface for mitmproxy.

rustls - A modern TLS library in Rust

  •    Rust

Rustls is a modern TLS library written in Rust. It's pronounced 'rustles'. It uses ring for cryptography and libwebpki for certificate verification. Rustls is currently in development and hence unstable. Here's what I'm working on now.

testssl.sh - Testing TLS/SSL encryption anywhere on any port

  •    Shell

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws. Or help yourself downloading the ZIP archive https://github.com/drwetter/testssl.sh/archive/2.9dev.zip. testssl.sh --help will give you some help upfront. More help: see doc directory with man pages. Older sample runs are at https://testssl.sh/.