SSL-audit A security related tool that helps finding weak rsa/dsa keys.
Download

SSL-audit Ranking & Summary

SSL-audit Tags

RSA OpenSSL RSA keys DSA keys DSA find weak keys

SSL-audit Description

A security related tool that helps finding weak rsa/dsa keys. SSL-audit is a security related tool that helps finding weak rsa/dsa keys as they are produced by corrupt Debian OpenSSL packages. Since this problem may affect other platforms indirectly, ssl-audit supports Windows and OSX, too.ssl-audit is heavily inspired by dowkd.pl by Florian Weimer. Unfortunately this has some major drawbacks: it is tailored towards a typical Unix/Linux environment, per default only scans according to Debian/Linux directory structure, and does not support other platform types like Windows. Here are some key features of "SSL-audit": · Platform independent: available for Unix, Windows and Mac OSX · Does not requires other tools like openssl or ssh to be installed. · Supported Keytypes: X.509/SSL: Certificates, Certificate Signing Requests (CSR), Private Keys (PEM), SSH: user identities (user keys), host keys, known-hosts files. OpenVPN: OpenVPN private key files · Supports scanning local files. · Blacklists are documented on a separate page. · Flexible: Keys and certificates are read directly. Prepared for other sources: other filetypes, Windows registry, a SSL/TLS connection, Much smaller blacklist, since we use a single fingerprinting algorithm independent of the key source. (This has to be researched). Requirements: · Python

SSL-audit Related Software