nullcon 2011 - SSLSmart – Smart SSL Cipher Enumeration

1,308 views

Published on

SSLSmart – Smart SSL Cipher Enumeration by Gursev Singh Kalra

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,308
On SlideShare
0
From Embeds
0
Number of Embeds
55
Actions
Shares
0
Downloads
11
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

nullcon 2011 - SSLSmart – Smart SSL Cipher Enumeration

  1. 1. SSLSmart – Smart SSL Cipher Enumeration Gursev Singh Kalra nullcon | Feb26, 2011
  2. 2. Agenda►Introduction►Why Enumerate SSL Ciphers?►Why SSLSmart?►SSLSmart Demonstrations►Q&A www.foundstone.com © 2010, McAfee, Inc.
  3. 3. Introduction►Who am I? ■ Managing Consultant – Foundstone Professional Services ■ Web Applications, Networks, Mobile Applications, Research, Tools… www.foundstone.com © 2010, McAfee, Inc.
  4. 4. Why Enumerate SSL Ciphers?►PCI Compliance►Web Application Penetration Testing►Network Assessments►Insecure Crypto Implementation www.foundstone.com © 2010, McAfee, Inc.
  5. 5. Why SSLSmart? Flexible WYSIWYG SSLSmartOpen Source and Rich Reporting Cross Platform www.foundstone.com © 2010, McAfee, Inc.
  6. 6. Flexibility• Granular Cipher Control• Certificate Verification• Proxy Support• Content and CONNECT Tests www.foundstone.com © 2010, McAfee, Inc.
  7. 7. What You See Is What You Get www.foundstone.com © 2010, McAfee, Inc.
  8. 8. Open Source and Cross Platform• Works with Ruby 1.8.6, 1.8.7, 1.9.1 & 1.9.2• Tested on Windows, Linux www.foundstone.com © 2010, McAfee, Inc.
  9. 9. Rich Reporting• Text• HTML• XML www.foundstone.com © 2010, McAfee, Inc.
  10. 10. SSLSmart Demonstrations►SSLSmart GUI►Custom scripts using SSLSmart API’s www.foundstone.com © 2010, McAfee, Inc.
  11. 11. Queries www.foundstone.com © 2010, McAfee, Inc.
  12. 12. Thank You Gursev Kalragursev.kalra@foundstone.com www.foundstone.com © 2010, McAfee, Inc.

×