Szilárd Pfeiffer
1 year ago
committed by
GitHub
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 32 additions and 1 deletions
Split View
Diff Options
-
+32 -1README.md
+ 32
- 1
README.md
View File
| @@ -210,7 +210,6 @@ Only main chapters: | |||
| :small_orange_diamond: <a href="https://github.com/packetfu/packetfu"><b>packetfu</b></a> - a mid-level packet manipulation library for Ruby.<br> | |||
| :small_orange_diamond: <a href="https://scapy.net/"><b>Scapy</b></a> - packet manipulation library; forge, send, decode, capture packets of a wide number of protocols.<br> | |||
| :small_orange_diamond: <a href="https://github.com/SecureAuthCorp/impacket"><b>impacket</b></a> - is a collection of Python classes for working with network protocols.<br> | |||
| :small_orange_diamond: <a href="https://github.com/arthepsy/ssh-audit"><b>ssh-audit</b></a> - is a tool for SSH server auditing.<br> | |||
| :small_orange_diamond: <a href="https://aria2.github.io/"><b>aria2</b></a> - is a lightweight multi-protocol & multi-source command-line download utility.<br> | |||
| :small_orange_diamond: <a href="https://github.com/x-way/iptables-tracer"><b>iptables-tracer</b></a> - observe the path of packets through the iptables chains.<br> | |||
| :small_orange_diamond: <a href="https://github.com/proabiral/inception"><b>inception</b></a> - a highly configurable tool to check for whatever you like against any number of hosts.<br> | |||
| @@ -266,6 +265,13 @@ Only main chapters: | |||
| :small_orange_diamond: <a href="https://hurl.dev"><b>Hurl</b></a> - is a command line tool to run and test HTTP requests with plain text.<br> | |||
| </p> | |||
| ##### :black_small_square: SSH | |||
| <p> | |||
| :small_orange_diamond: <a href="https://gitlab.com/coroner/cryptolyzer"><b>CryptoLyzer</b></a> - Fast and flexible server cryptographic (TLS/SSL/SSH/HTTP) settings analyzer.<br> | |||
| :small_orange_diamond: <a href="https://github.com/arthepsy/ssh-audit"><b>ssh-audit</b></a> - is a tool for SSH server auditing.<br> | |||
| </p> | |||
| ##### :black_small_square: SSL | |||
| <p> | |||
| @@ -276,6 +282,7 @@ Only main chapters: | |||
| :small_orange_diamond: <a href="https://github.com/rbsec/sslscan"><b>sslscan</b></a> - tests SSL/TLS enabled services to discover supported cipher suites.<br> | |||
| :small_orange_diamond: <a href="https://github.com/drwetter/testssl.sh"><b>testssl.sh</b></a> - testing TLS/SSL encryption anywhere on any port.<br> | |||
| :small_orange_diamond: <a href="https://github.com/mozilla/cipherscan"><b>cipherscan</b></a> - a very simple way to find out which SSL ciphersuites are supported by a target.<br> | |||
| :small_orange_diamond: <a href="https://gitlab.com/coroner/cryptolyzer"><b>CryptoLyzer</b></a> - Fast and flexible server cryptographic (TLS/SSL/SSH/HTTP) settings analyzer.<br> | |||
| :small_orange_diamond: <a href="http://www.tarsnap.com/spiped.html"><b>spiped</b></a> - is a utility for creating symmetrically encrypted and authenticated pipes between socket addresses.<br> | |||
| :small_orange_diamond: <a href="https://github.com/certbot/certbot"><b>Certbot</b></a> - is EFF's tool to obtain certs from Let's Encrypt and (optionally) auto-enable HTTPS on your server.<br> | |||
| :small_orange_diamond: <a href="https://github.com/FiloSottile/mkcert"><b>mkcert</b></a> - simple zero-config tool to make locally trusted development certificates with any names you'd like.<br> | |||
| @@ -503,6 +510,7 @@ Only main chapters: | |||
| :small_orange_diamond: <a href="https://securityheaders.com/"><b>Security Headers</b></a> - analyse the HTTP response headers (with rating system to the results).<br> | |||
| :small_orange_diamond: <a href="https://observatory.mozilla.org/"><b>Observatory by Mozilla</b></a> - set of tools to analyze your website.<br> | |||
| :small_orange_diamond: <a href="https://webhint.io/"><b>webhint</b></a> - is a linting tool that will help you with your site's accessibility, speed, security, and more.<br> | |||
| :small_orange_diamond: <a href="https://gitlab.com/coroner/cryptolyzer"><b>CryptoLyzer</b></a> - Fast and flexible server cryptographic (TLS/SSL/SSH/HTTP) settings analyzer.<br> | |||
| </p> | |||
| ##### :black_small_square: DNS | |||
| @@ -1700,6 +1708,7 @@ text :arrow_left: encoded | |||
| * [du](#tool-du) | |||
| * [inotifywait](#tool-inotifywait) | |||
| * [openssl](#tool-openssl) | |||
| * [cryptolyzer](#tool-cryptolyzer) | |||
| * [secure-delete](#tool-secure-delete) | |||
| * [dd](#tool-dd) | |||
| * [gpg](#tool-gpg) | |||
| @@ -2959,6 +2968,28 @@ openssl req -noout -modulus -in request.csr | openssl md5) | uniq | |||
| ___ | |||
| ##### Tool: [cryptolyzer](https://gitlab.com/coroner/cryptolyzer) | |||
| ###### Check the cryptographic setting of a generic TLS server | |||
| ```bash | |||
| cryptolyze tls all www.example.com | |||
| ``` | |||
| ###### Check the cryptographic setting of a oppotunistic TLS server | |||
| ```bash | |||
| cryptolyze tls all smtp://mail.example.com:25 | |||
| ``` | |||
| ###### Check the cryptographic setting of an SSH server | |||
| ```bash | |||
| cryptolyze ssh all gitlab.com | |||
| ``` | |||
| ___ | |||
| ##### Tool: [secure-delete](https://wiki.archlinux.org/index.php/Securely_wipe_disk) | |||
| ###### Secure delete with shred | |||