Saturday, May 21, 2016

SSLsplit: Tool for man-in-the-middle attacks against SSL/TLS encrypted network connections.

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encryptednetwork connections. Connections are transparently intercepted through anetwork address translation engine and redirected to SSLsplit. SSLsplitterminates SSL/TLS and initiates a new SSL/TLS connection to the originaldestination address, while logging all data transmitted. SSLsplit is intendedto be useful for network forensics and penetration testing.

SSLsplit supports plain TCP, plain SSL, HTTP and HTTPS connections over both
IPv4 and IPv6. For SSL and HTTPS connections, SSLsplit erates and signs
forged X509v3 certifies on-the-fly, based on the original server certifie
subject DN and subjectAltName extension. SSLsplit fully supports Server Name
Indiion (SNI) and is able to work with RSA, DSA and ESA and DHE and
EHE cipher suites. SSLsplit can also use existing certifies of which the
private is available, instd of erating forged ones. SSLsplit supports
-prefix CN certifies and can deny OCSP requests in a eric way.

SSLsplit version 0.4.5 relsed on Nov 07, change logs are
- Add support for 2048 and 4096 bit Diffie-Hellman.
- Fix syslog error messages (issue #6).
- Fix thrding issues in daemon mode (issue #5).
- Fix address family check in netfilter NAT lookup (issue #4).
- Fix build on recent glibc systems (issue #2).
- Minor and build process improvements.

Download the SSLsplit

No comments:

Post a Comment