Nytro Posted October 1, 2013 Report Posted October 1, 2013 [h=1]SSLsplit: Tool for man-in-the-middle attacks against SSL/TLS encrypted network connections.[/h][h=1][/h] SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encryptednetwork connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted. SSLsplit is intended to be useful for network forensics and penetration testing.SSLsplit supports plain TCP, plain SSL, HTTP and HTTPS connections over bothIPv4 and IPv6. For SSL and HTTPS connections, SSLsplit generates and signsforged X509v3 certificates on-the-fly, based on the original server certificatesubject DN and subjectAltName extension. SSLsplit fully supports Server NameIndication (SNI) and is able to work with RSA, DSA and ECDSA keys and DHE andECDHE cipher suites. SSLsplit can also use existing certificates of which theprivate key is available, instead of generating forged ones. SSLsplit supportsNULL-prefix CN certificates and can deny OCSP requests in a generic way.SSLsplit version 0.4.5 released on Nov 07, change logs are- Add support for 2048 and 4096 bit Diffie-Hellman.- Fix syslog error messages (issue #6).- Fix threading issues in daemon mode (issue #5).- Fix address family check in netfilter NAT lookup (issue #4).- Fix build on recent glibc systems (issue #2).- Minor code and build process improvements.[h=3]Download the SSLsplit [/h] Posted 27th November 2012 by BreakTheSec Sursa: Ethical Hacking Software and Security Tools: SSLsplit: Tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Quote
