Explore 21 curated tools and resources
Want your tool featured here?
Get maximum visibility with pinned placement
A script to extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys.
A script to extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys.
A Docker-based utility that monitors TLS certificate expiration dates and exposes the data as Prometheus metrics with support for Kubernetes ingress discovery and configurable domain filtering.
A Docker-based utility that monitors TLS certificate expiration dates and exposes the data as Prometheus metrics with support for Kubernetes ingress discovery and configurable domain filtering.
Intercepts and examines mobile app connections by stripping SSL/TLS layer.
Intercepts and examines mobile app connections by stripping SSL/TLS layer.
A Node.js middleware module that automatically enforces HTTPS connections by redirecting HTTP requests to HTTPS URLs in Express.js applications.
A Node.js middleware module that automatically enforces HTTPS connections by redirecting HTTP requests to HTTPS URLs in Express.js applications.
SMTP honeypot tool with configurable response messages, email storage, and automatic information extraction.
SMTP honeypot tool with configurable response messages, email storage, and automatic information extraction.
testssl.sh is a free command line tool for checking server's TLS/SSL configurations with clear and machine-readable output.
testssl.sh is a free command line tool for checking server's TLS/SSL configurations with clear and machine-readable output.
A technique to associate applications with TLS parameters for identifying malware and vulnerable applications.
A technique to associate applications with TLS parameters for identifying malware and vulnerable applications.
A Certificate Transparency log monitor that alerts users when SSL/TLS certificates are issued for their domains, helping detect unauthorized certificate issuance and potential security threats.
A Certificate Transparency log monitor that alerts users when SSL/TLS certificates are issued for their domains, helping detect unauthorized certificate issuance and potential security threats.
Crt.sh is a website that allows users to search for SSL/TLS certificates of a targeted domain, providing transparency into certificate logs.
Crt.sh is a website that allows users to search for SSL/TLS certificates of a targeted domain, providing transparency into certificate logs.
Catch possible phishing domains in near real time by looking for suspicious TLS certificate issuances reported to the Certificate Transparency Log (CTL) via the CertStream API.
Catch possible phishing domains in near real time by looking for suspicious TLS certificate issuances reported to the Certificate Transparency Log (CTL) via the CertStream API.
A method for profiling SSL/TLS Clients with easy-to-produce client fingerprints.
A method for profiling SSL/TLS Clients with easy-to-produce client fingerprints.
Accurate detection of HTTPS interception and robust TLS fingerprinting tool.
Accurate detection of HTTPS interception and robust TLS fingerprinting tool.
JARM is a TLS server fingerprinting tool used for identifying server configurations and malicious infrastructure.
JARM is a TLS server fingerprinting tool used for identifying server configurations and malicious infrastructure.
A reference guide documenting known vulnerabilities in SSL/TLS protocol versions and cipher suites to help security professionals identify insecure configurations.
A reference guide documenting known vulnerabilities in SSL/TLS protocol versions and cipher suites to help security professionals identify insecure configurations.
A microservice for string padding to prevent global issues like the left-pad incident.
A microservice for string padding to prevent global issues like the left-pad incident.
SSLyze is a fast and powerful SSL/TLS scanning tool and Python library with a focus on speed, reliability, and ease of integration.
SSLyze is a fast and powerful SSL/TLS scanning tool and Python library with a focus on speed, reliability, and ease of integration.
Red October is a TLS-based encryption server that implements two-man rule authorization, requiring multiple users to collaborate for cryptographic operations.
Red October is a TLS-based encryption server that implements two-man rule authorization, requiring multiple users to collaborate for cryptographic operations.
mitmproxy is an interactive, SSL/TLS-capable intercepting proxy with a console interface for HTTP/1, HTTP/2, and WebSockets.
CryptoLyzer is a cryptographic protocol analyzer that examines TLS, SSL, SSH, and DNSSEC server implementations with fingerprinting capabilities and multiple output formats.
CryptoLyzer is a cryptographic protocol analyzer that examines TLS, SSL, SSH, and DNSSEC server implementations with fingerprinting capabilities and multiple output formats.