ports

security/sslsplit

sslsplit-0.5.3 – transparent and scalable SSL/TLS interception

Description

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS
encrypted network connections. Connections are transparently intercepted
through a firewall/network address translation engine and redirected to
SSLsplit.

SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to
the original destination address, while logging all data transmitted.
SSLsplit is intended to be useful for network forensics and penetration
testing.

SSLsplit supports plain TCP, plain SSL, HTTP and HTTPS connections over
both IPv4 and IPv6. For SSL and HTTPS connections, SSLsplit generates
and signs forged X509v3 certificates on-the-fly, based on the original
server certificate subject DN and subjectAltName extension. SSLsplit
fully supports Server Name Indication (SNI) and is able to work with
RSA, DSA and ECDSA keys and DHE and ECDHE cipher suites. SSLsplit can
also use existing certificates of which the private key is available,
instead of generating forged ones. SSLsplit supports NULL-prefix CN
certificates and can deny OCSP requests in a generic way. SSLsplit
removes HPKP response headers in order to prevent public key pinning.

WWW: https://www.roe.ch/SSLsplit

Categories:
security

Library dependencies

Build dependencies

Run dependencies

None