SSL/TLS: What’s in a key?
Introduction SSL/TLS is the foundation of cryptography for computer systems. The reason it has proven so popular and persistent is that it is agnostic of the protocol being encrypted. Originally,...
Category: Crypto
deen v2.1.1 released: Generic data encoding/decoding application
deen An application that allows applying encoding, compression, and hashing to generic input data. It is meant to be a handy tool for quick encoding/decoding tasks for data to be...
Damn Vulnerable Crypto Wallet
DVCW Damn Vulnerable Crypto Wallet is an extremely insecure Ethereum crypto wallet written in JavaScript. It has three main modules: Desktop app: built with Electron and Vue Web API: built...
SCWF: CTF tool for identifying, brute forcing and decoding encryption schemes
Solve Crypto With Force (SCWF) CTF tool for identifying, brute forcing and decoding encryption schemes in an automated way. Click here for the live version (use Chrome). Crypto CTF (sub)challenges can...
xortool v1.0 released: A tool to analyze multi-byte xor cipher
xortool.py A tool to do some xor analysis: guess the key length (based on the count of equal chars) guess the key (base on knowledge of most frequent char) Changelog...
Root The Box: A Game of Hackers (CTF Scoreboard & Game Manager)
>_ Root the Box Root the Box is a real-time capture the flag (CTF) scoring engine for computer wargames where hackers can practice and learn. The application can be easily...
RsaCtfTool: retreive private key from weak public key and/or uncipher data
RsaCtfTool RSA tool for ctf – uncipher data from weak public key and try to recover private key Automatic selection of best attack for the given public key Attacks :...
PacketWhisper: Stealthily exfiltrate data and defeat attribution
PacketWhisper PacketWhisper – Stealthily Transfer Data & Defeat Attribution Using DNS Queries & Text-Based Steganography, without the need for attacker-controlled Name Servers or domains; Evade DLP/MLS Devices; Defeat Data- &...
BabySploit v1.5 releases: Beginner Pentesting Toolkit/Framework Written in Python
BabySploit is a penetration testing toolkit aimed at making it easy to learn how to use bigger, more complicated frameworks like Metasploit. With a very easy to use UI and...
Hash-Buster v3.0 releases: scraps online hash crackers to find cleartext of a hash
Hash-Buster Hash Buster is a python script which uses several online hash crackers to find cleartext of a hash in less than 5 seconds. Features of Hash Buster: Automatic...
ciphr: CLI crypto swiss-army knife
Ciphr Ciphr is a CLI tool for performing and composing encoding, decoding, encryption, decryption, hashing, and other various operations on streams of data. It takes provided data, file data, or...
scale: Side-Channel Attack Lab
SCALE: Side-Channel Attack Lab. Exercises Alongside the implementation of cryptography in hardware and software, attacks on those implementations (plus associated countermeasures) form a central challenge in cryptographic engineering. This topic is sometimes termed...
DeepViolet Beta 5.1.16 releases: introspection of SSL\TLS sessions
OWASP DeepViolet TLS/SSL API DeepViolet is a TLS/SSL scanning API written in Java. To keep DeepViolet easy to use, identify bugs, reference implementations have been developed that consume the API....
TLS Prober: A tool to fingerprint SSL/TLS servers
TLS Prober TLS Prober is a tool for identifying the implementation in use by SSL/TLS servers. It analyses the behavior of a server by sending a range of probes then...
tlspretense: framework for testing SSL/TLS client certificate validation
TLSPretense — SSL/TLS Client Testing Framework TLSPretense provides a test framework for testing SSL certificate validation. It generates a set of certificates containing specific flaws, and it presents the certificates...
