Home

Awesome


Any use of this project's code by GitHub Copilot, past or present, is done without our permission. We do not consent to GitHub's use of this project's code in Copilot.

O-Saft - OWASP SSL advanced forensic tool

Download Version 24.01.24

QUICK START

  o-saft.pl --help
  o-saft.pl +check  your.tld
  o-saft.pl +info   your.tld
  o-saft.pl +quick  your.tld
  o-saft.pl +cipher your.tld
  o-saft.pl --help=commands

  o-saft.tcl      # (simple GUI; requires Tcl/Tk 8.5 or newer)

  o-saft-docker   # (simple wrapper to call o-saft.pl in docker image)

  o-saft          # (simple wrapper to call o-saft.pl or o-saft.tcl or o-saft-docker)

DESCRIPTION

This tools lists information about remote target's SSL certificate and tests the remote target according given list of ciphers.

UNIQUE FEATURES

WHY?

Why a new tool for checking SSL when there already exist a dozens or more good tools in 2012? Some (but not all) reasons are:

For more details, please use:

  o-saft.pl --help

or read the source ;-)

TARGET AUDIENCE

INSTALLATION

o-saft.pl requires following Perl modules:

ModuleVersion
Net::SSLeay(prefered >= 1.51, recommended 1.94)
IO::Socket::SSL(prefered >= 1.37, recommended 2.081)
IO::Socket::INET(prefered >= 2.49)
Net::DNS(prefered >= 1.36, for --mx option only)

It can be executed from within the unpacked or cloned directory, installation is not necessary. However, a INSTALL.sh script will be provided, which can be called as follows:

Own modules are all installed in ./lib .

  INSTALL.sh /path/to/install
  INSTALL.sh --check

For more details on installation, please see:

  INSTALL.sh --help

There're no dependencies to other Perl modules for checkAllCiphers.pl so the test of all ciphers will work with it.

Following files are optional:

File / ToolDescription
.o-saft.pl(private user configuration)
.o-saft.tcl(private user configuration for GUI)
lib/OTrace.pm(functions for debugging)
lib/OMan.pm(documentation and generation functions)
doc/o-saft.pod(documentation in POD format)
lib/o-saft-img.tcl(images for buttons in GUI)
usr/checkAllCiphers.pl(simple script for checking all ciphers)
usr/*(additional programs and tools)

Sources

<!-- * Project roadmap https://www.owasp.org/index.php/Projects/O-Saft/Roadmap -->

Get a Copy (latest stable release)

  wget https://github.com/OWASP/O-Saft/raw/master/o-saft.tgz

Get a Copy (development version)

  git clone https://github.com/OWASP/O-Saft.git
  git clone git@github.com:OWASP/O-Saft.git

Get Docker Image (latest stable release)

  docker pull owasp/o-saft

VERSION

24.09.24

The version of the tarball o-saft.tgz represents the version listed on top herein. All other files in the repository may be ahead of this tarball version.

SHA256 checksum of o-saft.tgz

158e33ea4c1f27ac87da3555f811d01bbccdf1756f064d68c144f58aad02eb0e
<!-- # comment not rendered in HTML -->

SHA256 checksum of docker image owasp/o-saft:latest and owasp/o-saft:24.09.24

sha256:20b7ce94aa01861b4b3ebd4944c39ee243fee7550e4303e45658703ff5d038b9

NOTE that the checksums listed here are the previous versions if this file is from o-saft.tgz itself, or inside the docker image.

Changes

A detailled list of changes can be found in CHANGES. It will be updated with each new version (release).

Older version

If older versions should be used, please get the correspondig o-saft.tgz from github's releases, see: https://github.com/OWASP/O-Saft/releases (as of September 2024).