Raccoon Attack: Researchers Find A Vulnerability in TLS 1.2

Bad news: there’s a vulnerability in TLS 1.2. Good news: researchers say it’s “very hard to exploit” and major vendors have already released security patches for it. A team of…
The post Raccoon Attack: Researchers Find A Vulnerability in TLS 1.2 app… Continue reading Raccoon Attack: Researchers Find A Vulnerability in TLS 1.2

Introducing Zombie POODLE and GOLDENDOODLE

I’m excited to announce that I will be presenting at this year’s Black Hat Asia about my research into detecting and exploiting CBC padding oracles! Zombie POODLE and GOLDENDOODLE are the names I’ve given to the vulnerabilities I&#821… Continue reading Introducing Zombie POODLE and GOLDENDOODLE

A2SV – Auto Scanning SSL Vulnerability Tool For Poodle & Heartbleed

A2SV – Auto Scanning SSL Vulnerability Tool For Poodle & Heartbleed

A2SV is a Python-based SSL Vulnerability focused tool that allows for auto-scanning and detection of the common and well-known SSL Vulnerabilities.

SSL Vulnerabilities Detected by A2SV

  • [CVE-2007-1858] Anonymous Cipher
  • [CVE-2012-4929] CRIME(SPDY)
  • [CVE-2014-0160] CCS Injection
  • [CVE-2014-0224] HeartBleed
  • [CVE-2014-3566] SSLv3 POODLE
  • [CVE-2015-0204] FREAK Attack
  • [CVE-2015-4000] LOGJAM Attack
  • [CVE-2016-0800] SSLv2 DROWN

Planned for future:

  • [PLAN] SSL ACCF
  • [PLAN] SSL Information Analysis

Installation & Requirements for A2SV

A.

Read the rest of A2SV – Auto Scanning SSL Vulnerability Tool For Poodle & Heartbleed now! Only available at Darknet.

Continue reading A2SV – Auto Scanning SSL Vulnerability Tool For Poodle & Heartbleed