From 3d1767f69a8ba6a70a6c080299ca01afb49066d7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Szil=C3=A1rd=20Pfeiffer?= Date: Mon, 31 Jan 2022 18:21:08 +0000 Subject: [PATCH] add 'CryptoLyzer' --- README.md | 32 +++++++++++++++++++++++++++++++- 1 file changed, 31 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 2fe8eec..2be449c 100644 --- a/README.md +++ b/README.md @@ -209,7 +209,6 @@ Only main chapters:   :small_orange_diamond: packetfu - a mid-level packet manipulation library for Ruby.
  :small_orange_diamond: Scapy - packet manipulation library; forge, send, decode, capture packets of a wide number of protocols.
  :small_orange_diamond: impacket - is a collection of Python classes for working with network protocols.
-  :small_orange_diamond: ssh-audit - is a tool for SSH server auditing.
  :small_orange_diamond: aria2 - is a lightweight multi-protocol & multi-source command-line download utility.
  :small_orange_diamond: iptables-tracer - observe the path of packets through the iptables chains.
  :small_orange_diamond: inception - a highly configurable tool to check for whatever you like against any number of hosts.
@@ -262,6 +261,13 @@ Only main chapters:   :small_orange_diamond: http-observatory - Mozilla HTTP Observatory cli version.

+##### :black_small_square: SSH + +

+  :small_orange_diamond: CryptoLyzer - Fast and flexible server cryptographic (TLS/SSL/SSH/HTTP) settings analyzer.
+  :small_orange_diamond: ssh-audit - is a tool for SSH server auditing.
+

+ ##### :black_small_square: SSL

@@ -272,6 +278,7 @@ Only main chapters:   :small_orange_diamond: sslscan - tests SSL/TLS enabled services to discover supported cipher suites.
  :small_orange_diamond: testssl.sh - testing TLS/SSL encryption anywhere on any port.
  :small_orange_diamond: cipherscan - a very simple way to find out which SSL ciphersuites are supported by a target.
+  :small_orange_diamond: CryptoLyzer - Fast and flexible server cryptographic (TLS/SSL/SSH/HTTP) settings analyzer.
  :small_orange_diamond: spiped - is a utility for creating symmetrically encrypted and authenticated pipes between socket addresses.
  :small_orange_diamond: Certbot - is EFF's tool to obtain certs from Let's Encrypt and (optionally) auto-enable HTTPS on your server.
  :small_orange_diamond: mkcert - simple zero-config tool to make locally trusted development certificates with any names you'd like.
@@ -1686,6 +1693,7 @@ text :arrow_left: encoded * [du](#tool-du) * [inotifywait](#tool-inotifywait) * [openssl](#tool-openssl) + * [cryptolyzer](#tool-cryptolyzer) * [secure-delete](#tool-secure-delete) * [dd](#tool-dd) * [gpg](#tool-gpg) @@ -2943,6 +2951,28 @@ openssl req -noout -modulus -in request.csr | openssl md5) | uniq ___ +##### Tool: [cryptolyzer](https://gitlab.com/coroner/cryptolyzer) + +###### Check the cryptographic setting of a generic TLS server + +```bash +cryptolyze tls all www.example.com +``` + +###### Check the cryptographic setting of a oppotunistic TLS server + +```bash +cryptolyze tls all smtp://mail.example.com:25 +``` + +###### Check the cryptographic setting of an SSH server + +```bash +cryptolyze ssh all gitlab.com +``` + +___ + ##### Tool: [secure-delete](https://wiki.archlinux.org/index.php/Securely_wipe_disk) ###### Secure delete with shred