Kali
JARM is an active Transport Layer Security (TLS) server fingerprinting tool. JARM fingerprints can be used to: Quickly verify that all servers in a group have the same TLS configuration. Group disparate servers on the internet by configuration, identifying that a server may belong to Google vs. Salesforce vs. Apple, for example. Identify default applications …
Continue reading “Jarm : Active Transport Layer Security (TLS) server fingerprinting tool”
SNIcat is a proof of concept tool that performs data exfiltration, utilizing a covert channel method via. Server Name Indication, a TLS Client Hello Extension. The tool consists of an agent which resides on the compromised internal host, and a Command&Control Server which controls the agent and gathers exfiltrated data. Background & Scenario We discovered …
Continue reading “SNIcat : Server Name Indication Concatenator”
TLS-Scanner is a tool created by the Chair for Network and Data Security from the Ruhr-University Bochum to assist pentesters and security researchers in the evaluation of TLS Server configurations. Note: It is a research tool intended for TLS developers, pentesters, administrators and researchers. There is no GUI. It is in the first version and …
Continue reading “TLS-Scanner : The TLS-Scanner Module from TLS-Attacker”
