الأربعاء، 10 أغسطس 2016

A2SV: Auto Scanning Tool To Find SSL Vulnerability

Auto Scanning to SSL Vulnerability

A2SV: Auto Scanning Tool To Find SSL Vulnerability


What is A2SV?
Its an Auto Scanning tool to find SSL Vulnerability and its featured with HeartBleed, CCS Injection, SSLv3 POODLE, FREAK... etc

A. Support Vulnerability

[CVE-2014-0160] CCS Injection
[CVE-2014-0224] HeartBleed
[CVE-2014-3566] SSLv3 POODLE
[CVE-2015-0204] FREAK Attack
[CVE-2015-4000] LOGJAM Attack
[CVE-2016-0703] SSLv2 DROWN

B. Dev Plan

[PLAN] SSL ACCF

2. How to Install?

A. Download(clone) & Unpack A2SV

git clone https://github.com/hahwul/a2sv.git
cd a2sv
B. Install Python Package / OpenSSL

pip install argparse
pip install netaddr

apt-get install openssl
C. Run A2SV

python a2sv.py -h

3. How to Use?

usage: a2sv.py [-h] [-t TARGET] [-p PORT] [-m MODULE] [-v]

Optional arguments:
-h, --help            show this help message and exit
-t TARGET, --target TARGET
                      Target URL/IP Address
-p PORT, --port PORT  Custom Port / Default: 443
-m MODULE, --module MODULE
                      Check SSL Vuln with one module
                      [h]: HeartBleed
                      [c]: CCS Injection
                      [p]: SSLv3 POODLE
                      [f]: OpenSSL FREAK
                      [l]: OpenSSL LOGJAM
                      [d]: SSLv2 DROWN
-u, --update          Update A2SV (GIT)
-v, --version         Show Version

[Scan SSL Vulnerability]
python a2sv.py -t 127.0.0.1
python a2sv.py -t 127.0.0.1 -m heartbleed
python a2sv.py -t 127.0.0.1 -p 8111

[Update A2SV]
python a2sv.py -u
python a2sv.py --update

Download

ليست هناك تعليقات:

إرسال تعليق