From e7fc797d5385631525c408be49d6ca5e5a1e8981 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Szil=C3=A1rd=20Pfeiffer?= Date: Tue, 13 Dec 2022 23:29:35 +0100 Subject: [PATCH] add 'CryptoLyzer' --- README.md | 33 ++++++++++++++++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index ab7c2d7..c4334db 100644 --- a/README.md +++ b/README.md @@ -210,7 +210,6 @@ Only main chapters:   :small_orange_diamond: packetfu - a mid-level packet manipulation library for Ruby.
  :small_orange_diamond: Scapy - packet manipulation library; forge, send, decode, capture packets of a wide number of protocols.
  :small_orange_diamond: impacket - is a collection of Python classes for working with network protocols.
-  :small_orange_diamond: ssh-audit - is a tool for SSH server auditing.
  :small_orange_diamond: aria2 - is a lightweight multi-protocol & multi-source command-line download utility.
  :small_orange_diamond: iptables-tracer - observe the path of packets through the iptables chains.
  :small_orange_diamond: inception - a highly configurable tool to check for whatever you like against any number of hosts.
@@ -266,6 +265,13 @@ Only main chapters:   :small_orange_diamond: Hurl - is a command line tool to run and test HTTP requests with plain text.

+##### :black_small_square: SSH + +

+  :small_orange_diamond: CryptoLyzer - Fast and flexible server cryptographic (TLS/SSL/SSH/HTTP) settings analyzer.
+  :small_orange_diamond: ssh-audit - is a tool for SSH server auditing.
+

+ ##### :black_small_square: SSL

@@ -276,6 +282,7 @@ Only main chapters:   :small_orange_diamond: sslscan - tests SSL/TLS enabled services to discover supported cipher suites.
  :small_orange_diamond: testssl.sh - testing TLS/SSL encryption anywhere on any port.
  :small_orange_diamond: cipherscan - a very simple way to find out which SSL ciphersuites are supported by a target.
+  :small_orange_diamond: CryptoLyzer - Fast and flexible server cryptographic (TLS/SSL/SSH/HTTP) settings analyzer.
  :small_orange_diamond: spiped - is a utility for creating symmetrically encrypted and authenticated pipes between socket addresses.
  :small_orange_diamond: Certbot - is EFF's tool to obtain certs from Let's Encrypt and (optionally) auto-enable HTTPS on your server.
  :small_orange_diamond: mkcert - simple zero-config tool to make locally trusted development certificates with any names you'd like.
@@ -503,6 +510,7 @@ Only main chapters:   :small_orange_diamond: Security Headers - analyse the HTTP response headers (with rating system to the results).
  :small_orange_diamond: Observatory by Mozilla - set of tools to analyze your website.
  :small_orange_diamond: webhint - is a linting tool that will help you with your site's accessibility, speed, security, and more.
+  :small_orange_diamond: CryptoLyzer - Fast and flexible server cryptographic (TLS/SSL/SSH/HTTP) settings analyzer.

##### :black_small_square: DNS @@ -1700,6 +1708,7 @@ text :arrow_left: encoded * [du](#tool-du) * [inotifywait](#tool-inotifywait) * [openssl](#tool-openssl) + * [cryptolyzer](#tool-cryptolyzer) * [secure-delete](#tool-secure-delete) * [dd](#tool-dd) * [gpg](#tool-gpg) @@ -2959,6 +2968,28 @@ openssl req -noout -modulus -in request.csr | openssl md5) | uniq ___ +##### Tool: [cryptolyzer](https://gitlab.com/coroner/cryptolyzer) + +###### Check the cryptographic setting of a generic TLS server + +```bash +cryptolyze tls all www.example.com +``` + +###### Check the cryptographic setting of a oppotunistic TLS server + +```bash +cryptolyze tls all smtp://mail.example.com:25 +``` + +###### Check the cryptographic setting of an SSH server + +```bash +cryptolyze ssh all gitlab.com +``` + +___ + ##### Tool: [secure-delete](https://wiki.archlinux.org/index.php/Securely_wipe_disk) ###### Secure delete with shred