O-Saft - OWASP SSL advanced forensic tool

Results 18 O-Saft issues

Please look at changing the hardcoded perl path of /usr/bin/perl to using env. For example: `#!/usr/bin/perl` to `#!/usr/bin/env perl`

:eyes: Some source code analysis tools can help to find opportunities for improving software components. :thought_balloon: I propose to [increase the usage of combined operators](https://perldoc.perl.org/perlop#Assignment-Operators "Description for assignment operators") accordingly....

Host entries in the .o-saft.pl file aren't read if the hostname doesn't include a "-"; same goes for IP addresses, i.e. 8.8.8.8 / www.google.de is not working. --HOST=host:port is working as intended....

Running the current Docker release of the tool, warns me about Net::SSLeay not supporting TLSv13: ``` user@tools:~$ sudo docker run --rm -it owasp/o-saft +check tld.com /O-Saft/o-saft.pl +check tld.com | cat...

enhancement

Would be nice to be able to check for DNSSEC and TLSA record support. See Swede for a tool that can do TLSA checking, however it doesn't do starttls: https://github.com/pieterlexis/swede/

enhancement

How to quit/kill/stop the script when it hangs? Is there a keyboard command, escape key that works? The manual points out that: "If the specified targets accepts connections but does...

enhancement
question

In my opinion warnings should be written to STDERR.

enhancement

Some ciphers are valid for more than one SSL version. Some descriptions are missing.

bug

Hi. Could you explain please how you have "up to 65535" cipher suites "per SSL protocol"? I personally don't know any other cipher suite than [those 376 ones](https://docs.rs/rustls/latest/rustls/enum.CipherSuite.html). Thanks.

question

Hi, I think this feature could be interesting: In one command to be able to associate a specific range to a specific protocol as an option of the +cipher...

question