
Showing posts from December, 2014

SSL Breacher Update

2014-12-25
===========
- SSL Labs scan support; its PDF report will be saved [requires WKHTMLTOPDF http://wkhtmltopdf.org/downloads.html]
- Updated Firefox root cert
- All dependencies (Java, Python, WKHTMLTOPDF) are bundled together on the Windows platform and can be activated via breacher64.cmd
- Result outputs are now moved to the /output/{host} folder
- Added bash scripts for scanning hosts listed in a file (breacher_filelist.sh, breacher64_filelist.cmd)

2014-12-22
===========
- Medium-strength ciphers check for high-security required sites

2014-11-30
===========
- Improved check for FS cipher and GCM/CCM mode ciphers by reporting an exception if they are not in the server's preferred ciphers

2014-10-18
===========
- Added POODLE vulnerability check
- Fixed bug in HTTP elements embedded in SSL page
- Introduced breacher.config to select all (default) or desired SSL checks

2014-10-05
===========
- Added warning for SHA1 hashing algorithm in certificate check - https://community.qualys.com/blogs/secu

SSL Breacher - Yet Another SSL Test Tool

This is our version of an SSL test tool, mainly meant for internal assessments where you can't use the famous online SSL Labs scanner. We don't reinvent the wheel; we combine the best tools together with our own checks that we think other tools are missing. Running several tools each time has made us sick. With this Breacher tool, you will get everything you need.

Version: 20141019

Download: http://yehg.net/lab/pr0js/tools/breacher-optimized.zip

Price: Donationware

Supported Checks

Main SSL Checks
------------------------
1. HeartBleed
2. ChangeCipherSpecs Injection
3. POODLE (due to SSLv3 support)
4. BEAST
5. BREACH
6. Lucky13
7. CRIME & TIME (If CRIME is detected, TIME will also be reported)
8. RC4 support
9. Forward Secrecy support
10. SSLv2 support
11. Weak ciphers check (LOW, ANON, NULL, EXPORT)
12. Insecure Renegotiation

Certificate Validation Check
----------------------------------
1. Certificate expiration
2. Insufficient public key-le