:
:

Powered by GetResponse email marketing software

Anyone Can Make Money Online

Why You Need To Read This Blog About "Anyone Can Make Money Online"

Monday, January 22, 2024

Scanning TLS Server Configurations With Burp Suite

In this post, we present our new Burp Suite extension "TLS-Attacker".
Using this extension penetration testers and security researchers can assess the security of TLS server configurations directly from within Burp Suite.
The extension is based on the TLS-Attacker framework and the TLS-Scanner, both of which are developed by the Chair for Network and Data Security.

You can find the latest release of our extension at: https://github.com/RUB-NDS/TLS-Attacker-BurpExtension/releases

TLS-Scanner

Thanks to the seamless integration of the TLS-Scanner into the BurpSuite, the penetration tester only needs to configure a single parameter: the host to be scanned.  After clicking the Scan button, the extension runs the default checks and responds with a report that allows penetration testers to quickly determine potential issues in the server's TLS configuration.  Basic tests check the supported cipher suites and protocol versions.  In addition, several known attacks on TLS are automatically evaluated, including Bleichenbacher's attack, Padding Oracles, and Invalid Curve attacks.

Furthermore, the extension allows fine-tuning for the configuration of the underlying TLS-Scanner.  The two parameters parallelProbes and overallThreads can be used to improve the scan performance (at the cost of increased network load and resource usage).

It is also possible to configure the granularity of the scan using Scan Detail and Danger Level. The level of detail contained in the returned scan report can also be controlled using the Report Detail setting.

Please refer to the GitHub repositories linked above for further details on configuration and usage of TLS-Scanner.

Scan History 

If several hosts are scanned, the Scan History tab keeps track of the preformed scans and is a useful tool when comparing the results of subsequent scans.

Additional functions will follow in later versions

Currently, we are working on integrating an at-a-glance rating mechanism to allow for easily estimating the security of a scanned host's TLS configuration.

This is a combined work of Nurullah Erinola, Nils Engelbertz, David Herring, Juraj Somorovsky, Vladislav Mladenov, and Robert Merget.  The research was supported by the European Commission through the FutureTrust project (grant 700542-Future-Trust-H2020-DS-2015-1).

If you would like to learn more about TLS, Juraj and Robert will give a TLS Training at Ruhrsec on the 27th of May 2019. There are still a few seats left.

Related news


  1. Underground Hacker Sites
  2. Pentest Automation Tools
  3. Computer Hacker
  4. Hacks And Tools
  5. Nsa Hacker Tools
  6. Hack Tools Download
  7. Android Hack Tools Github
  8. Tools For Hacker
  9. Hacker Tools For Pc
  10. Pentest Tools Website
  11. New Hack Tools
  12. Pentest Tools Free
  13. Growth Hacker Tools
  14. Hacker Tool Kit
  15. Wifi Hacker Tools For Windows
  16. Hacker Tools Linux
  17. Hacking Tools Github
  18. Hacking Tools For Mac
  19. Pentest Tools Android
  20. Hacker Tools For Windows
  21. Hacking Tools For Windows
  22. New Hacker Tools
  23. Easy Hack Tools
  24. Black Hat Hacker Tools
  25. World No 1 Hacker Software
  26. Hacker Tools Free
  27. Hacker
  28. Hacker Tools
  29. Pentest Tools Nmap
  30. Hacker Tools For Ios
  31. Hack Tools For Mac
  32. Free Pentest Tools For Windows
  33. Pentest Tools List
  34. Usb Pentest Tools
  35. Hacking Tools For Pc
  36. Usb Pentest Tools
  37. Hacking Tools Name
  38. How To Install Pentest Tools In Ubuntu
  39. How To Make Hacking Tools
  40. Hacking Tools Usb
  41. Hack Tool Apk
  42. Hacking Tools And Software
  43. Pentest Recon Tools
  44. Hacking Tools Hardware
  45. Hacking Tools Github
  46. Hak5 Tools
  47. Pentest Tools Kali Linux
  48. Hacking Tools For Kali Linux
  49. Pentest Tools Tcp Port Scanner
  50. Pentest Tools Url Fuzzer
  51. Wifi Hacker Tools For Windows
  52. Hacking Tools For Games
  53. Pentest Tools
  54. Pentest Tools Online
  55. Hacker Tools Online
  56. Hacking Tools For Pc
  57. Hacking Tools Usb
  58. Hacker Tools Free
  59. Hacking Tools For Beginners
  60. Hacker Tools List
  61. Hacker Tools For Pc
  62. Hacking Tools Download
  63. Ethical Hacker Tools
  64. Pentest Box Tools Download
  65. Hack Tools For Games
  66. Pentest Tools Free
  67. What Are Hacking Tools
  68. Underground Hacker Sites
  69. Pentest Tools Review
  70. Pentest Automation Tools
  71. Hacking Tools And Software
  72. Hackers Toolbox
  73. Github Hacking Tools
  74. Install Pentest Tools Ubuntu
  75. Hacking Tools Kit
  76. Hacker Tools For Mac
  77. Hack Tools For Games
  78. Hacking Tools Online
  79. Hacker Tools Windows
  80. Hacker Tool Kit
  81. Pentest Tools Alternative
  82. Ethical Hacker Tools
  83. Hacker Hardware Tools
  84. Tools For Hacker
  85. Hacking Tools For Mac
  86. New Hacker Tools
  87. Hacking Tools Usb
  88. Growth Hacker Tools
  89. Pentest Tools Github
  90. Tools 4 Hack
  91. Hack Tools Download
  92. Termux Hacking Tools 2019
  93. Underground Hacker Sites
  94. Pentest Tools For Ubuntu
  95. Hacking Tools For Games
  96. Github Hacking Tools
  97. Nsa Hack Tools
  98. Best Hacking Tools 2020
  99. Hacking Tools For Windows
  100. Hacker Tools For Pc
  101. Ethical Hacker Tools
  102. Nsa Hack Tools
  103. Hacking Tools Github
  104. Hacker Tools For Mac
  105. Hacking Tools Download
  106. Hack Tool Apk
  107. Pentest Tools Review
  108. Hack Apps
  109. Install Pentest Tools Ubuntu
  110. Hack Tools Online
  111. Free Pentest Tools For Windows
  112. Hacker Tools Github
  113. Hacker
  114. Best Hacking Tools 2020
  115. Hacking Tools For Kali Linux
  116. Hack Tools Download
  117. Top Pentest Tools
  118. Hacker Tools List
  119. Hacker Tools For Mac
  120. Pentest Tools Linux
  121. Hacker Tools
  122. Hacking Tools For Pc
  123. Hack Tools For Pc
  124. Computer Hacker
  125. Hacker Tools For Mac
  126. Hackers Toolbox
  127. Pentest Recon Tools
  128. Install Pentest Tools Ubuntu
  129. Hack Tools Mac
  130. Hack Tools Online
  131. Best Pentesting Tools 2018
  132. Hack Tools Mac
  133. Hacking Tools For Kali Linux
  134. Hack Tools 2019
  135. Hacker Tools Github
  136. Pentest Tools Apk
  137. Hacking Tools For Beginners
  138. Pentest Tools For Android
  139. Hacking Tools For Pc
  140. Hacker Tools Github
  141. Pentest Tools Tcp Port Scanner
  142. Pentest Tools For Ubuntu
  143. Pentest Tools For Android
  144. Hacker Tools 2020
  145. Wifi Hacker Tools For Windows
  146. Pentest Tools Download
  147. Pentest Box Tools Download
  148. Hack Rom Tools
  149. Pentest Tools For Mac
  150. Hack Apps
  151. Hack Tools Pc
  152. Hacking Apps
  153. Hacker Search Tools
  154. Hacker Tools For Mac

posted by Affiliate Marketer @ 10:02 PM 

0 Comments:

Post a Comment

Subscribe to Post Comments [Atom]

<< Home