TLS Prober
TLS Prober is a tool for identifying the implementation in use by SSL/TLS servers. It analyses the behavior of a server by sending a range of probes then comparing the responses with a database of known signatures. Key features include:
- Requires no knowledge of the server configuration.
- Does not rely on the supported cipher suites (since administrators often change those).
- Successfully identifies openssl, schannel, Java (JSSE), wolfSSL (previously CyaSSL), GnuTLS, MatrixSSL, mbedTLS (previously PolarSSL).
- Supports both pure SSL/TLS protocols like HTTPS and those that use STARTTLS such as SMTP and POP3.
- Resilient against differences in the build options used by a given server.
- Extensible – you can easily record the signatures of additional implementations.
Installation
git clone https://github.com/WestpointLtd/tls_prober.git
cd tls_prober/ && git submodule update --init
Usage
Usage: prober.py server [options]
A tool to fingerprint SSL/TLS servers
Options:
-h, --help show this help message and exit
-p PORT, --port=PORT TCP port to test (default: 443)
-m MATCHES, --matches=MATCHES
Only display the first N matching scores(default: 0
which displays them all)
-d, --debug Print debugging messages
-s STARTTLS, --starttls=STARTTLS
Enable a starttls mode. The available modes are: auto,
smtp, ftp, pop3, imap, none
-t PROBE, --probe=PROBE
Run the specified probe
-a ADD, --add=ADD Add the specified fingerprint to the database
-l, --list List the fingerprints of the target
--list-probes List the available probes
-v, --version Display the version information
Copyright (c) 2014-2015 Richard Moore <rich@kde.org>
Source: https://github.com/WestpointLtd/
No comments:
Post a Comment