| . |
|
Bitland.Net Security Notes
Comments? email jwilkins-at-bitland*net
More information on the author at Jonathan Wilkins's home page RSS feed available at http://www.bitland.net/index.rss 
|
| Archives: 2007, 2006, 2005, 2004, 2003, 2002, 2001, 2000 |
| |
| |
| HTTPS Testing tools | (2003/05/31 18:00) |
Testing straight HTTP pages is easy. Just fire up netcat and go. (Actually, this gets a bit more complicated with IIS6 as it doesn't accept \n's in leiu of \r\n's, which is bloody annoying) Testing HTTPS is a bit harder. You have to throw something that speaks SSL in the way. This comes up on the various SecurityFocus mailing lists every once in a while, so I thought I'd aggregate some of the suggestions. OpenSSL OpenSSL comes with a command line tool that allows you to put arbitrary TCP streams over SSL. This can be combined with netcat easily. @Stake's WebProxy WebProxy 2.1 is way better than previous versions. It will do SSL MITM for proxied connections. I don't know anything about the following tools, they were recommended on the lists. Exodus HTTPPush Sleuth Sleuth 1.36 (free, Linux) SSL-Proxy |
| +digg | +del.icio.us | [Tools ] | Permanent link |
| |
| RSS feed available at http://www.bitland.net/index.rss |