Home
Projects
Resources
Alternatives
Blog
Sign In
Striptls Versions
Save
proxy poc implementation of STARTTLS stripping attacks
Overview
Versions
Reviews
Resources
v0.5
6 years ago
minor fix detecting xmpp starttls tags
dynamic creation of temporary self-signed certificate for interception (requires pyOpenSSL)
v0.4
8 years ago
added generic ssl/tls detection and interception
minor changes to logging
added GENERIC.Intercept, GENERIC.InboundIntercept, SMTP.InboundStarttlsProxy
v0.3
8 years ago
improves socket handling
nonblocking ssl read/write mode to prevent striptls from stalling with large ssl payloads (e.g. large mail attachments)
improves errorhandling
adds SMTP.InboundStarttlsProxy, SMTP.InjectCommand, IMAP.DowngradeToV2
fixes witnesses
adds IRC and ACAP protocol support
log ssl context (cipher/version)
v0.2
8 years ago
fixed transparent forwarding bug for unhandled protocols
verified IMAP, POP3, NNTP, FTP, XMPP
added SMTP.ProtocolDowngradeStripExtendedMode
added POP3.StripFromCapabilities
added XMPP.StripInboundTLS, XMPP.UntrustedIntercept
added vulnerability checks
v0.1
8 years ago
initial release
audit mode
vectors for SMTP, IMAP, POP3, NNTP, FTP, XMPP
vector types: StripFromCapabilities, StripWithInvalidResponseCode, UntrustedIntercept, StripWithTemporaryError, StripWithError
Home
Projects
Resources
Alternatives
Blog
Sign In
Sign In to OSA
I agree with
Terms of Service
and
Privacy Policy
Sign In with Github