Parcourir la source

Merge e7fc797d53 into 945e21b6a4

pull/381/merge
Szilárd Pfeiffer il y a 1 an
committed by GitHub
Parent
révision
3edad1c125
Aucune clé connue n'a été trouvée dans la base pour cette signature ID de la clé GPG: 4AEE18F83AFDEB23
1 fichiers modifiés avec 32 ajouts et 1 suppressions
  1. +32
    -1
      README.md

+ 32
- 1
README.md Voir le fichier

@@ -210,7 +210,6 @@ Only main chapters:
&nbsp;&nbsp;:small_orange_diamond: <a href="https://github.com/packetfu/packetfu"><b>packetfu</b></a> - a mid-level packet manipulation library for Ruby.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href="https://scapy.net/"><b>Scapy</b></a> - packet manipulation library; forge, send, decode, capture packets of a wide number of protocols.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href="https://github.com/SecureAuthCorp/impacket"><b>impacket</b></a> - is a collection of Python classes for working with network protocols.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href="https://github.com/arthepsy/ssh-audit"><b>ssh-audit</b></a> - is a tool for SSH server auditing.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href="https://aria2.github.io/"><b>aria2</b></a> - is a lightweight multi-protocol & multi-source command-line download utility.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href="https://github.com/x-way/iptables-tracer"><b>iptables-tracer</b></a> - observe the path of packets through the iptables chains.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href="https://github.com/proabiral/inception"><b>inception</b></a> - a highly configurable tool to check for whatever you like against any number of hosts.<br>
@@ -266,6 +265,13 @@ Only main chapters:
&nbsp;&nbsp;:small_orange_diamond: <a href="https://hurl.dev"><b>Hurl</b></a> - is a command line tool to run and test HTTP requests with plain text.<br>
</p>

##### :black_small_square: SSH

<p>
&nbsp;&nbsp;:small_orange_diamond: <a href="https://gitlab.com/coroner/cryptolyzer"><b>CryptoLyzer</b></a> - Fast and flexible server cryptographic (TLS/SSL/SSH/HTTP) settings analyzer.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href="https://github.com/arthepsy/ssh-audit"><b>ssh-audit</b></a> - is a tool for SSH server auditing.<br>
</p>

##### :black_small_square: SSL

<p>
@@ -276,6 +282,7 @@ Only main chapters:
&nbsp;&nbsp;:small_orange_diamond: <a href="https://github.com/rbsec/sslscan"><b>sslscan</b></a> - tests SSL/TLS enabled services to discover supported cipher suites.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href="https://github.com/drwetter/testssl.sh"><b>testssl.sh</b></a> - testing TLS/SSL encryption anywhere on any port.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href="https://github.com/mozilla/cipherscan"><b>cipherscan</b></a> - a very simple way to find out which SSL ciphersuites are supported by a target.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href="https://gitlab.com/coroner/cryptolyzer"><b>CryptoLyzer</b></a> - Fast and flexible server cryptographic (TLS/SSL/SSH/HTTP) settings analyzer.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href="http://www.tarsnap.com/spiped.html"><b>spiped</b></a> - is a utility for creating symmetrically encrypted and authenticated pipes between socket addresses.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href="https://github.com/certbot/certbot"><b>Certbot</b></a> - is EFF's tool to obtain certs from Let's Encrypt and (optionally) auto-enable HTTPS on your server.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href="https://github.com/FiloSottile/mkcert"><b>mkcert</b></a> - simple zero-config tool to make locally trusted development certificates with any names you'd like.<br>
@@ -503,6 +510,7 @@ Only main chapters:
&nbsp;&nbsp;:small_orange_diamond: <a href="https://securityheaders.com/"><b>Security Headers</b></a> - analyse the HTTP response headers (with rating system to the results).<br>
&nbsp;&nbsp;:small_orange_diamond: <a href="https://observatory.mozilla.org/"><b>Observatory by Mozilla</b></a> - set of tools to analyze your website.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href="https://webhint.io/"><b>webhint</b></a> - is a linting tool that will help you with your site's accessibility, speed, security, and more.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href="https://gitlab.com/coroner/cryptolyzer"><b>CryptoLyzer</b></a> - Fast and flexible server cryptographic (TLS/SSL/SSH/HTTP) settings analyzer.<br>
</p>

##### :black_small_square: DNS
@@ -1700,6 +1708,7 @@ text :arrow_left: encoded
* [du](#tool-du)
* [inotifywait](#tool-inotifywait)
* [openssl](#tool-openssl)
* [cryptolyzer](#tool-cryptolyzer)
* [secure-delete](#tool-secure-delete)
* [dd](#tool-dd)
* [gpg](#tool-gpg)
@@ -2959,6 +2968,28 @@ openssl req -noout -modulus -in request.csr | openssl md5) | uniq

___

##### Tool: [cryptolyzer](https://gitlab.com/coroner/cryptolyzer)

###### Check the cryptographic setting of a generic TLS server

```bash
cryptolyze tls all www.example.com
```

###### Check the cryptographic setting of a oppotunistic TLS server

```bash
cryptolyze tls all smtp://mail.example.com:25
```

###### Check the cryptographic setting of an SSH server

```bash
cryptolyze ssh all gitlab.com
```

___

##### Tool: [secure-delete](https://wiki.archlinux.org/index.php/Securely_wipe_disk)

###### Secure delete with shred


Chargement…
Annuler
Enregistrer