Python SSL

Open-source Python projects categorized as SSL

An SSL is security technology. It's a protocol for servers and web browsers that makes sure that data passed between the two are private. It was first developed by Netscape in 1995 for the purpose of ensuring privacy, authentication, and data integrity in Internet communications. SSL is the predecessor to the modern TLS encryption used today.

Top 23 Python SSL Projects

  • mitmproxy

    An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

    Project mention: Apple's M4 Has Reportedly Adopted the ARMv9 Architecture | news.ycombinator.com | 2024-05-24

    Mainly this was just myself getting irritated at MS Teams and trying to figure out what it was doing. It was a couple years ago and my current company doesn't use teams, thankfully, so I can't really see if its still valid.

    From what I remember..

    There are files on the disk that get updated/overwritten with pulls from the server every time it launches. Somewhere in AppData I think. A few of these are config files (with lots of interesting looking settings, including beta features).

    One of the config entries specifies a telemetry endpoint (which, you _could_ figure out with a network tracing tool but there are a ton of MS telemetry endpoints your machine is probably talking to. Best to just grab the one explicitly being used from the config like this). I forget the full name of the setting but the name pretty clearly indicates its for telemetry, and the file is clearly a config file. If you can't find it just by browsing the structure, try a multi-file search tool and look for 'telemetry' or URL/hostnames.

    You can't really change the value on disk and make it just take effect from there, since it gets downloaded from the server and overwritten before Teams loads. There might be some tricks you can do locally to persist the change but nothing seemed to work for me. You could override response from server via mitmproxy but that requires finding where it comes across the wire at launch time and then building a script/config to replace it.

    Anyway, you can block that telemetry endpoint from a firewall and see your memory bloat. Or you can intercept that endpoint in any mitm proxy. I went with this [mitmproxy](https://mitmproxy.org/). From there you can capture the content it sends to the endpoint, or even change the response the server sends (Teams just seems to expect a 200 code back).

    The telemetry data itself is some kind of streaming event format. I think I even found documentation on the structure on some microsoft website, so its likely a reused format.

    It's pretty straightforward.

    I couldn't spend too much time on it and now it's not something I even use, but some cool things you might want to try if you dive deeper into this:

    - Overwrite the config file as it returns from the server, to turn on EU data protection, change various functionality you're not supposed to, or flip some feature flags.

    - Figure out if there's a feature flag or even other overwrite to fully disable the metrics so they aren't even collected, from anywhere in the app.

    - Intercept telemetry, return an 'OK' response and drop the data from telemetry, or maybe document what they collect more definitively if you think there's interest somewhere. This keeps your privacy but doesn't really do anything for performance.

    - Interfere with the data before actually returning it, maybe try playing with event contents and channel/user indicators. Microsoft probably won't like this if they notice, but it's unlikely they'll even notice.

  • Scout Monitoring

    Free Django app performance insights with Scout Monitoring. Get Scout setup in minutes, and let us sweat the small stuff. A couple lines in settings.py is all you need to start monitoring your apps. Sign up for our free tier today.

    Scout Monitoring logo
  • Twisted

    Event-driven networking engine written in Python.

  • websockify

    Websockify is a WebSocket to TCP proxy/bridge. This allows a browser to connect to any application/server/service.

  • curl-impersonate

    curl-impersonate: A special build of curl that can impersonate Chrome & Firefox

    Project mention: Recent 'MFA Bombing' Attacks Targeting Apple Users | news.ycombinator.com | 2024-03-27

    > us[e] Akamai to block scraping

    Would https://github.com/lwthiker/curl-impersonate help? Haven’t tried with Akamai, but did help with another widely used CDN that shall remain unnamed (but has successfully infused me with burning hate for their products after a couple of years’ worth of using an always-on VPN to bypass Internet censorship and/or a slightly unusual browser).

  • sslyze

    Fast and powerful SSL/TLS scanning library.

  • lemur

    Repository for the Lemur Certificate Manager

    Project mention: Death of DevSecOps, Part 3 | dev.to | 2024-07-05

    Netflix’s Lemur: makes it easy for a developer to get a TLS certificate for a microservice, without having to deal with cryptography, manage private keys securely, and remember to rotate certs before they expire

  • SparK

    [ICLR'23 Spotlight🔥] The first successful BERT/MAE-style pretraining on any convolutional network; Pytorch impl. of "Designing BERT for Convolutional Networks: Sparse and Hierarchical Masked Modeling" (by keyu-tian)

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo
  • WordOps

    Install and manage a high performance WordPress stack with a few keystrokes

  • pyOpenSSL -- A Python wrapper around the OpenSSL library

    A Python wrapper around the OpenSSL library

  • MicroWebSrv2

    The last Micro Web Server for IoTs (MicroPython) or large servers (CPython), that supports WebSockets, routes, template engine and with really optimized architecture (mem allocations, async I/Os). Ready for ESP32, STM32 on Pyboard, Pycom's chipsets (WiPy, LoPy, ...). Robust, efficient and documented!

  • Loki

    Remote Access Tool (by Bitwise-01)

  • dnsrobocert

    Orchestrate Certbot and Lexicon together to provide Let's Encrypt TLS certificates validated by DNS challenges

  • trustme

    #1 quality TLS certs while you wait, for the discerning tester

  • acme-nginx

    python acme client for nginx

  • Mocket

    a socket mock framework - for all kinds of socket animals, web-clients included

  • ssl-checker

    Python script that collects SSL/TLS information from hosts

  • MITM_Intercept

    A little bit less hackish way to intercept and modify non-HTTP protocols through Burp & others.

  • dheater

    D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange. (read-only clone of the original GitLab project)

  • cryptonice

    CryptoNice is both a command line tool and library which provides the ability to scan and report on the configuration of SSL/TLS for your internet or internal facing web services. Built using the sslyze API and ssl, http-client and dns libraries, cryptonice collects data on a given domain and performs a series of tests to check TLS configuration and supporting protocols such as HTTP2 and DNS.

  • showcert

    Simple OpenSSL for humans: all you need for X.509 TLS certificates (and nothing more).

    Project mention: Your own Certificate Authority (CA) in ONE simple command | dev.to | 2024-01-29

    Showcert is OpenSSL for humans, much simpler to use and it has gencert utility to generate certificates. Very easy.

  • Substr3am

    Passive reconnaissance/enumeration of interesting targets by watching for SSL certificates being issued

  • stable-diffusion-webui-auto-tls-https

    An extension for AUTOMATIC1111's Stable Diffusion Web-UI that enables easy or zero-conf TLS for HTTPS

  • proxy_web_crawler

    Automates the process of repeatedly searching for a website via scraped proxy IP and search keywords

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).

Python SSL discussion

Log in or Post with

Python SSL related posts

  • Death of DevSecOps, Part 3

    2 projects | dev.to | 5 Jul 2024
  • Terrapin-Scanner VS CryptoLyzer - a user suggested alternative

    2 projects | 14 Jan 2024
  • mitmproxy VS petep - a user suggested alternative

    2 projects | 3 Oct 2023
  • Learn and Test DMARC

    3 projects | news.ycombinator.com | 1 Oct 2023
  • Curl-impersonate: Mimic real browsers' TLS handshake with curl

    1 project | news.ycombinator.com | 8 Sep 2023
  • curl-impersonate VS curl-impersonate-php - a user suggested alternative

    2 projects | 2 Aug 2023
  • Found a way to bypass Cloudflare 403 forbidden in cURL, fetch

    2 projects | /r/webscraping | 2 Jul 2023
  • A note from our sponsor - SaaSHub
    www.saashub.com | 20 Jul 2024
    SaaSHub helps you find the best software and product alternatives Learn more →

Index

What are some of the best open-source SSL projects in Python? This list will help you:

Project Stars
1 mitmproxy 35,315
2 Twisted 5,498
3 websockify 3,827
4 curl-impersonate 3,501
5 sslyze 3,194
6 lemur 1,707
7 SparK 1,401
8 WordOps 1,281
9 pyOpenSSL -- A Python wrapper around the OpenSSL library 874
10 MicroWebSrv2 633
11 Loki 560
12 dnsrobocert 549
13 trustme 547
14 acme-nginx 314
15 Mocket 278
16 ssl-checker 248
17 MITM_Intercept 199
18 dheater 175
19 cryptonice 98
20 showcert 70
21 Substr3am 64
22 stable-diffusion-webui-auto-tls-https 59
23 proxy_web_crawler 42

Sponsored
Free Django app performance insights with Scout Monitoring
Get Scout setup in minutes, and let us sweat the small stuff. A couple lines in settings.py is all you need to start monitoring your apps. Sign up for our free tier today.
www.scoutapm.com