ssl-config-generator
dheater
| | ssl-config-generator | dheater |
|---|---|---|
| | 2 | 9 |
| Stars | 351 | 170 |
| Growth | 0.6% | -0.6% |
| Activity | 7.4 | 6.9 |
| | about 2 months ago | 4 months ago |
| Language | Handlebars | Python |
| License | Mozilla Public License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ssl-config-generator
- Disabling DHE cipher suites on Linux based appliances
  In the meantime, Mozilla seems to be the go-to now, and they have this discussion about dheater going on.
- Server overload by enforcing DHE key exchange using minimal bandwidth
  Reported this to Mozilla SSL configuration generator authors as a bug, so that they stop enabling DHE in their Intermediate and Old configurations: https://github.com/mozilla/ssl-config-generator/issues/162
dheater
- D(HE)ater
- CVE-2002-20001 - disable Diffie-Hellman (DHE) key exchange on everything
  I was going off what the document at https://github.com/Balasys/dheater suggests in that disabling it in pretty much everything.
- CVE-2002-20001 recommends disabling Diffie-Hellman on Apache and nginx
- GitHub - Balasys/dheater: D(HE)ater is a security tool can perform DoS attack by enforcing the DHE key exchange.
- D(HE)ater is a security tool can perform DoS attack by enforcing the DHE key exchange
- Server overload by enforcing DHE key exchange using minimal bandwidth
What are some alternatives?
SBSCAN - SBSCAN is a penetration testing tool focused on the Spring framework that can scan specified sites for Spring Boot unauthorized access and sensitive information, and scan for and verify Spring framework vulnerabilities.
pyOpenSSL - A Python wrapper around the OpenSSL library
CVE-2021-37740 - PoC for DoS vulnerability CVE-2021-37740 in firmware v3.0.3 of SCN-IP100.03 and SCN-IP000.03 by MDT. The bug has been fixed in firmware v3.0.4.
Dossify
poc - Proof of Concepts
Twisted - Event-driven networking engine written in Python.
Heartbleed - Heartbleed vulnerability exploited 🩸
stm32f1-picopwner - Dump read-out protected STM32F1's with a Pi Pico - A Pi Pico implementation of @JohannesObermaier's, Marc Schink's and Kosma Moczek's Glitch and FPB attack to bypass RDP (read-out protection) level 1 on STM32F1 chips
sslyze - Fast and powerful SSL/TLS scanning library.
xssmap - Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities